Hi, adrelanos wrote (17 Aug 2013 15:41:35 GMT) : > There may or may not be soon a place to discuss and propose changes for > an optimized gnupg.conf: > https://github.com/ioerror/torbirdy/pull/11
Thanks, I'll look it up. >> (not >> mentioning that upstream and/or Debian are probably better places to >> change these settings). > Upstream: I have the impression, their focus is more on staying > compatible with slow CPU systems (hence not 4096 bit default) and > ancient versions of proprietary PGP versions and not interested in > breaking compatibility with them for the sake of better security. Too bad. > Debian: There is no /etc/gnupg.conf. Gpg only stores settings in the > user's home folder. Therefore it's difficult to propose changes for > Debian default. And needless to say, Debian policy forbids writing > dotfiles in user's home folder. This would require a patch to > introduce the /etc/gnupg.conf feature first. Let's imagine there was > such a patch, would the Debian packager add it or say add the > feature upstream? In the latter case, upstream will tell you, that > they currently don't plan a release. Did you consider simply patching the defaults in the source code? > The situation is in a deadlock. As a Debian derivative realistically > your options boil down to breaking Debian policy and writing gpg > settings in user's home folder or doing nothing. If the changes you want to make are not accepted in Debian, you are still free to ship a custom package, with different defaults, in your preferred Debian derivative. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
