On Sun, 4 Sep 2016 16:51, [email protected] said: > Well, you took over the gpg name, so you have to abide to the same > interface, which you obviously don't do.
I disagree: We installed the gpg from GnuPG-2 under the name gpg2 to avoid conflicts with 1.x installations. After more than a decade it should be okay to push a bit forward to deprecate the use of 1.x. > The only way to verify an inline-signed message and also get the > unescaped message is to use gpg --decrypt. --verify does not even > accept --output. Frankly, I was not aware of it. It should be possible to add this back. > Isn't gpgv a debian-ism? No. gpgv was introduced 16 years ago to make simple verification cases easier. And indeed it was triggered by a request from Debian people. But it is used everywhere. I would also suggest to always use detached signatures. This is the most reliable way of knowing what has been signed. With the other two formats it is possible to play interesting games. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* Join us at OpenPGP.conf <https://openpgp-conf.org> */
pgpkSYSt1RJ9U.pgp
Description: PGP signature
