Hi
I am working on a software package alike to Debian's debian-archive-keyring.
Within that, public keys are stored in a jetring-compatible format. At build
time, these keys are essentially read/imported and concatenated in a
non-kbx-keyring.
Maintainers, for sanity, are supposed to build the ke
* On 9/6/19 12:33 AM, Ángel wrote:
I'm baffled by this.
Could you run gpg2 --list-packets on both keyrings and compare their
outputs?
That should hint which packets are being included by 1.4 that are not by
2.2
Hmm, interesting indeed.
The output is *almost* the same.
A diff looks like that
Hi
Since I know that the keyserver maintainers follow this list, I wonder what
happened to 37.191.231.105, which is part of the keyserver pool?
It currently HTTP-301-redirects to https://analytics.sumptuouscapital.com/ -
which also means that requests to URLs like http://keys.gnupg.net will some
* On 9/15/19 3:56 PM, Werner Koch wrote:
> The trust packets are for internal use of gpg and are never exported.
But... that's the whole point. gpg 1.4 seems to export them, while gpg 2.x does
not.
> These packets are one of the reasons why we stated for decades that the
> interface is "gpg --
* On 9/16/19 3:27 PM, Werner Koch wrote:
> On Mon, 16 Sep 2019 10:11, io...@ionic.de said:
>
>> which also means that requests to URLs like http://keys.gnupg.net will
>> sometimes
>> redirect a user to that location.
>
> That is not correct. For quite some time that address is a hardwired to
>
