From adf4d8266bfb66a8156471fe4ad03baff815024f Mon Sep 17 00:00:00 2001 From: Johannes Löthberg Date: Tue, 19 Aug 2014 12:32:07 +0200 Subject: gpg: lookup cert dns records, show fingerprints --- gnupg/gpg.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'gnupg') diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf index b40b3f0..015c0c3 100644 --- a/gnupg/gpg.conf +++ b/gnupg/gpg.conf @@ -4,7 +4,7 @@ utf8-strings keyserver hkps.pool.sks-keyservers.net keyserver-options ca-cert-file=~/.config/gnupg/sks-keyservers.netCA.pem keyserver-options no-honor-keyserver-url -auto-key-locate local,pka,keyserver +auto-key-locate local,cert,pka,keyserver keyserver-options honor-pka-record,auto-key-retrieve verify-options show-keyserver-urls,pka-lookups ###+++--- GPGConf ---+++### Tue 14 Jan 2014 09:55:23 AM CET @@ -21,9 +21,9 @@ personal-digest-preferences SHA512 # when outputting certificates, view user IDs distinctly from keys: fixed-list-mode -# short-keyids are trivially spoofed; it's easy to create a long-keyid collision; if you care about strong key identifiers, you always want to see the fingerprint: +# short-keyids are trivially spoofed; it's easy to create a long-keyid collision; if you care about strong key identifiers, you always want to see the fingerprint: keyid-format 0xlong -#with-fingerprint +with-fingerprint # when multiple digests are supported by all recipients, choose the strongest one: personal-digest-preferences SHA512 SHA384 SHA256 SHA224 # preferences chosen for new keys should prioritize stronger algorithms: -- cgit v1.2.3-70-g09d2