Re: [Tails-dev] More gnupg options...

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] More gnupg options...
Hi,

adrelanos wrote (17 Aug 2013 15:41:35 GMT) :
> There may or may not be soon a place to discuss and propose changes for
> an optimized gnupg.conf:
> https://github.com/ioerror/torbirdy/pull/11


Thanks, I'll look it up.

>> (not
>> mentioning that upstream and/or Debian are probably better places to
>> change these settings).


> Upstream: I have the impression, their focus is more on staying
> compatible with slow CPU systems (hence not 4096 bit default) and
> ancient versions of proprietary PGP versions and not interested in
> breaking compatibility with them for the sake of better security.


Too bad.

> Debian: There is no /etc/gnupg.conf. Gpg only stores settings in the
> user's home folder. Therefore it's difficult to propose changes for
> Debian default. And needless to say, Debian policy forbids writing
> dotfiles in user's home folder. This would require a patch to
> introduce the /etc/gnupg.conf feature first. Let's imagine there was
> such a patch, would the Debian packager add it or say add the
> feature upstream? In the latter case, upstream will tell you, that
> they currently don't plan a release.


Did you consider simply patching the defaults in the source code?

> The situation is in a deadlock. As a Debian derivative realistically
> your options boil down to breaking Debian policy and writing gpg
> settings in user's home folder or doing nothing.


If the changes you want to make are not accepted in Debian, you are
still free to ship a custom package, with different defaults, in your
preferred Debian derivative.

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc