Jason A. Donenfeld writes: > But before you do that, would you test if adding "--trust-model > always" to the relevant $GPG invocation suppresses that message? > > And if it does, mailing list: do we want to add this?
My opinion: we are not security experts, we should let GPG do its thing and assume the user knows what they are doing. Modifying the trust model is not something that I think we should do.
pgppmOzHD5y3K.pgp
Description: PGP signature
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
