Edit Package gpg2

gpg2

GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM,
gpg-agent, and a keybox library.

Refresh
Refresh
Source Files (show merged sources derived from linked package)
Filename Size Changed
gnupg-2.0.9-langinfo.patch 0000000707 707 Bytes about 8 years
gnupg-2.2.16-secmem.patch 0000001182 1.15 KB over 3 years
gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch 0000002176 2.13 KB 4 months
gnupg-2.3.7.tar.bz2 0007599853 7.25 MB 5 months
gnupg-2.3.7.tar.bz2.sig 0000000119 119 Bytes 5 months
gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch 0000001218 1.19 KB almost 3 years
gnupg-add-test-cases-for-import-without-uid.patch 0000008388 8.19 KB almost 3 years
gnupg-add_legacy_FIPS_mode_option.patch 0000002617 2.56 KB 8 months
gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch 0000003427 3.35 KB over 1 year
gnupg-detect_FIPS_mode.patch 0000001591 1.55 KB almost 8 years
gnupg-dont-fail-with-seahorse-agent.patch 0000000684 684 Bytes over 1 year
gnupg-gpg-agent-ulimit.patch 0000001396 1.36 KB almost 4 years
gnupg-set_umask_before_open_outfile.patch 0000001367 1.33 KB over 1 year
gpg2.changes 0000111595 109 KB 4 months
gpg2.keyring 0000005365 5.24 KB 8 months
gpg2.spec 0000006826 6.67 KB 4 months
scdaemon.udev 0000005551 5.42 KB over 4 years
Comments 2

Georg Pfuetzenreuter's avatar

crameleon wrote 7 months ago

Hello!

Do we have an answer to https://bugs.archlinux.org/task/63147 ? Should we distribute keyserver-options no-self-sigs-only,no-import-clean by default in the system's gpg.conf or have there been discussions on whether this would be a good idea?

Thanks for any input!


Gianluca Gabrielli's avatar

crazybyte wrote 7 months ago

Hi Georg, thanks for having pointed this out, my2c below.

    opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
                        | IMPORT_REPAIR_PKS_SUBKEY_BUG
                                            | IMPORT_SELF_SIGS_ONLY
                                            | IMPORT_COLLAPSE_UIDS
                                            | IMPORT_COLLAPSE_SUBKEYS
                                            | IMPORT_CLEAN);

AFAICS we're currently shipping gpg with both options enabled: self-sigs-only and import-clean. (Please, correct me if you think I'm wrong)

Even if we use gpg within the build system and the package manager, we do not rely on WoT, hence IMO this change is for us not that bad as it was for Archlinux.

In any case I find this topic interesting and discussing about it might be beneficial for many.

openSUSE Build Service is sponsored by