On Friday, 24 November 2017 14:46:47 UTC+8, Elias Mårtenson wrote: > > On Friday, 24 November 2017 14:39:26 UTC+8, Jean-Philippe Ouellet wrote: > > >> Use a specific source vm in the first field, not $anyvm, otherwise you >> may actually be better off without split-gpg entirely depending on >> your threat model. > > > I still get the notification asking me to allow the signing. With the line > added, the > behaviour seems to be identical to what I had in 3.2. >
I do agree with you in the general case, that locking things are better than not locking them. In this particular case, however, I want almost all my VM's to be able to sign at one point or the other. And this behaviour was deemed acceptable in 3.2, so I don't really see how my solution can be seen as being overly bad? Regards, Elias -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/240c288e-17bd-4e1d-96fa-38c67c7b701f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
