Hi Manuel, Right now each tool in signing-party uses the GNUPGBIN environment variable (or “gpg” if it is not set) as path to the gpg binary. However, while signing-party is ready for the soon-to-be GnuPG transition (users can already export GNUPGBIN=gpg2 in their ~/.bash_profile), it won't work out of the box without “gnupg” as it's the only package shipping the “gpg” executable in the default $PATH.
I don't mind adding a Suggests, but I wonder if it's worth the trouble to change Depends to “gnupg | gnupg2”? From what I understood from the GnuPG BOF at Debconf, there is a plan to make 2.1.x the new default GnuPG for Strech, and to ship it trough /usr/bin/gpg. Cheers, -- Guilhem.
signature.asc
Description: PGP signature
