[Pkg-gnupg-commit] [gnupg2] 138/159: gpg: Rework gpg-conf.skel
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:24:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 361820a3be48def2237f734d1383633891972f62
Author: Werner Koch <wk at gnupg.org>
Date: Fri Jan 22 10:54:10 2016 +0100
gpg: Rework gpg-conf.skel
--
Some of the options are too rarley used to deserve an entry in the
skeleton config file. Some are even the default for many years.
Added auto-key-locate because that is a very useful option.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
g10/options.skel | 81 ++++++++++++++++++--------------------------------------
1 file changed, 26 insertions(+), 55 deletions(-)
diff --git a/g10/options.skel b/g10/options.skel
index e8f1882..87fc627 100644
--- a/g10/options.skel
+++ b/g10/options.skel
@@ -21,17 +21,15 @@
# GnuPG. If the first non white space character of a line is a '#',
# this line is ignored. Empty lines are also ignored.
#
-# See the man page for a list of options.
+# See the gpg man page for a list of options.
-# Uncomment the following option to get rid of the copyright notice
-
-#no-greeting
# If you have more than 1 secret key in your keyring, you may want to
# uncomment the following option and set your preferred keyid.
#default-key 621CC013
+
# If you do not pass a recipient to gpg, it will ask for one. Using
# this option you can encrypt to a default key. Key validation will
# not be done in this case. The second form uses the default key as
@@ -40,37 +38,6 @@
#default-recipient some-user-id
#default-recipient-self
-# By default GnuPG creates version 4 signatures for data files as
-# specified by OpenPGP. Some earlier (PGP 6, PGP 7) versions of PGP
-# require the older version 3 signatures. Setting this option forces
-# GnuPG to create version 3 signatures.
-
-#force-v3-sigs
-
-# Because some mailers change lines starting with "From " to ">From "
-# it is good to handle such lines in a special way when creating
-# cleartext signatures; all other PGP versions do it this way too.
-# To enable full OpenPGP compliance you may want to use this option.
-
-#no-escape-from-lines
-
-# When verifying a signature made from a subkey, ensure that the cross
-# certification "back signature" on the subkey is present and valid.
-# This protects against a subtle attack against subkeys that can sign.
-# Defaults to --no-require-cross-certification. However for new
-# installations it should be enabled.
-
-require-cross-certification
-
-
-# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell
-# GnuPG which is the native character set. Please check the man page
-# for supported character sets. This character set is only used for
-# metadata and not for the actual message which does not undergo any
-# translation. Note that future version of GnuPG will change to UTF-8
-# as default character set.
-
-#charset utf-8
# Group names may be defined like this:
# group mynames = paige 0x12345678 joe patti
@@ -84,16 +51,17 @@ require-cross-certification
#group mynames = paige 0x12345678 joe patti
-# Some old Windows platforms require 8.3 filenames. If your system
-# can handle long filenames, uncomment this.
-#no-mangle-dos-filenames
+# GnuPG can automatically locate and retrieve keys as needed using
+# this option. This happens when encrypting to an email address (in
+# the "user@@example.com" form) and there are no keys matching
+# "user at example.com" in the local keyring. This option takes any
+# number mechanisms which are tried in the given order. The default
+# is "--auto-key-locate local" to search for keys only in the local
+# key database. Uncomment the next line to locate a missing key using
+# two DNS based mechanisms.
-# Lock the file only once for the lifetime of a process. If you do
-# not define this, the lock will be obtained and released every time
-# it is needed - normally this is not needed.
-
-#lock-once
+#auto-key-locate local,pka,dane
# Common options for keyserver functions:
@@ -109,18 +77,6 @@ require-cross-certification
# Can be used more than once to increase the amount
# of information shown.
#
-# use-temp-files = use temporary files instead of a pipe to talk to the
-# keyserver. Some platforms (Win32 for one) always
-# have this on.
-#
-# keep-temp-files = do not delete temporary files after using them
-# (really only useful for debugging)
-#
-# honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy
-# environment variable
-#
-# broken-http-proxy = try to work around a buggy HTTP proxy
-#
# auto-key-retrieve = automatically fetch keys as needed from the keyserver
# when verifying signatures or when importing keys that
# have been revoked by a revocation key that is not
@@ -131,11 +87,13 @@ require-cross-certification
#keyserver-options auto-key-retrieve
+
# Uncomment this line to display photo user IDs in key listings and
# when a signature from a key with a photo is verified.
#show-photos
+
# Use this program to display photo user IDs
#
# %i is expanded to a temporary file that contains the photo.
@@ -166,3 +124,16 @@ require-cross-certification
#
# Use your MIME handler to view photos:
# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
+
+
+# Because some mailers change lines starting with "From " to ">From "
+# it is good to handle such lines in a special way when creating
+# cleartext signatures; all other PGP versions do it this way too.
+# To enable full OpenPGP compliance you may want to use this option.
+
+#no-escape-from-lines
+
+
+# Uncomment the following option to get rid of the copyright notice
+
+#no-greeting
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list