On Wed, Apr 13, 2016 at 10:06:11PM +1000, Russell Coker wrote: > On Wed, 13 Apr 2016 05:26:49 PM Ben McGinnes via luv-main wrote: > >> As far as I'm concerned if you can't be bothered editing your >> algorithm preference order in gpg.conf and editing your keys and >> subkeys (actually they're set according to each UID) to match then you >> have no business trying to make keys larger than the default maximums. > > Actually I think it's the responsibility of DDs in question (and > other OS developers) to ensure that GPG defaults to the correct > algorithm preference.
Currently the default in most Linux distros (or OSes for that matter) is to create ~/.gnupg/ if its not there when the program is invoked, but not to generate a default gpg.conf. Distributions could set more sensible defaults by setting a basic system wide gpg.conf to be copied to a user's directory if it didn't exist, but the problem is that the first command for a lot of new users is --gen-key and if the gpg.conf is not already in place when the command is run then it won't affect the results. > Also it would be handy if there was a tool to check your GPG > configuration and key setup for obvious mistakes. That's a very good idea, the biggest hurdle I can see at the moment is that the info is normally only visible interactively by editing a key and using the showpref command. OTOH I haven't had nearly enough caffeine yet to be firing on all cylinders, so let it simmer in the back of my brain for a while and we'll see. ;) My main GPGME Python work is dependent on an overhaul of GPGME itself (someone needs to rip all that GTK2 crap out of the C API for a start). So this might give me something useful to do in the mean time. Regards, Ben
signature.asc
Description: PGP signature
_______________________________________________ luv-main mailing list [email protected] https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
