aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Löthberg <johannes@kyriasis.com>2014-08-19 12:32:07 +0200
committerJohannes Löthberg <johannes@kyriasis.com>2014-08-19 12:32:07 +0200
commitadf4d8266bfb66a8156471fe4ad03baff815024f (patch)
tree6ca6ab90b84497b10865945eadfc75aa805cfead
parent53f2955f4dc754bd3f411613983b9949d4d9da2e (diff)
downloaddotfiles-adf4d8266bfb66a8156471fe4ad03baff815024f.tar.xz
gpg: lookup cert dns records, show fingerprints
-rw-r--r--gnupg/gpg.conf6
1 files changed, 3 insertions, 3 deletions
diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf
index b40b3f0..015c0c3 100644
--- a/gnupg/gpg.conf
+++ b/gnupg/gpg.conf
@@ -4,7 +4,7 @@ utf8-strings
keyserver hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=~/.config/gnupg/sks-keyservers.netCA.pem
keyserver-options no-honor-keyserver-url
-auto-key-locate local,pka,keyserver
+auto-key-locate local,cert,pka,keyserver
keyserver-options honor-pka-record,auto-key-retrieve
verify-options show-keyserver-urls,pka-lookups
###+++--- GPGConf ---+++### Tue 14 Jan 2014 09:55:23 AM CET
@@ -21,9 +21,9 @@ personal-digest-preferences SHA512
# when outputting certificates, view user IDs distinctly from keys:
fixed-list-mode
-# short-keyids are trivially spoofed; it's easy to create a long-keyid collision; if you care about strong key identifiers, you always want to see the fingerprint:
+# short-keyids are trivially spoofed; it's easy to create a long-keyid collision; if you care about strong key identifiers, you always want to see the fingerprint:
keyid-format 0xlong
-#with-fingerprint
+with-fingerprint
# when multiple digests are supported by all recipients, choose the strongest one:
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
# preferences chosen for new keys should prioritize stronger algorithms: