Hi, the feature/better-controlled-gnupg-connections branch (no ticket) is a candidate for 0.19 => please review and merge into devel.
Steps to test the no-honor-keyserver-url option: 1. generate key pair 2. edit key -> keyserver hkp://example.com 3. gpg --refresh-keys -> output must not contain example.com I've added "write a testcase" to my todo list, but I don't promise anything yet. commit 8eb32b9b38942e91b9e2852c14af10def4f369a6 Author: Tails developers <[email protected]> Date: Sun Apr 28 15:02:03 2013 +0200 GnuPG: locate keys only from local keyrings. This is probably the default, but better safe than sorry. commit 946f89312d01d7d841429c9901aef2dee2683c9d Author: Tails developers <[email protected]> Date: Sun Apr 28 15:00:56 2013 +0200 GnuPG: don't connect to the preferred keyserver specified by the key owner. This feature opens the door to a variety of subtle attacks. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
