From 15760802288c05c61b3194f6ca1b75e3dfe373f0 Mon Sep 17 00:00:00 2001
From: Mika Suomalainen <mkaysi@outlook.com>
Date: Tue, 26 Feb 2013 12:18:20 +0200
Subject: [PATCH] gpg.conf: copy
 https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults

---
 .gpg.conf.MKAYSIGREP | 12 ++++++++++--
 gpg.conf             | 12 ++++++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/.gpg.conf.MKAYSIGREP b/.gpg.conf.MKAYSIGREP
index eaf044dc..7417642c 100644
--- a/.gpg.conf.MKAYSIGREP
+++ b/.gpg.conf.MKAYSIGREP
@@ -58,8 +58,9 @@ default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224
 default-keyserver-url hkps://hkps.pool.sks-keyservers.net
 
 # Forcing preferred settings even if it's against OpenPGP standards
-#digest-algo SHA512
-#compress-algo BZIP2
+cert-algo SHA512
+digest-algo SHA512
+compress-algo BZIP2
 
 no-allow-non-selfsigned-uid
 default-sig-expire 0
@@ -91,6 +92,13 @@ export-options export-local-sigs export-attributes export-sensitive-revkeys expo
 ask-cert-level
 ask-cert-expire
 
+# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
+# when outputting certificates, view user IDs distinctly from keys:
+fixed-list-mode
+# You should always know at a glance which User IDs gpg thinks are legitimately bound to the keys in your keyring:
+verify-options show-uid-validity
+list-options show-uid-validity
+
 # Add comments to things signed/encrypted by gpg
 comment Homepage: http://mkaysi.github.com/
 comment Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
diff --git a/gpg.conf b/gpg.conf
index d711836d..274bdb37 100644
--- a/gpg.conf
+++ b/gpg.conf
@@ -58,8 +58,9 @@ default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224
 default-keyserver-url hkps://hkps.pool.sks-keyservers.net
 
 # Forcing preferred settings even if it's against OpenPGP standards
-#digest-algo SHA512
-#compress-algo BZIP2
+cert-algo SHA512
+digest-algo SHA512
+compress-algo BZIP2
 
 no-allow-non-selfsigned-uid
 allow-multiple-messages
@@ -89,6 +90,13 @@ export-options export-local-sigs export-attributes export-sensitive-revkeys expo
 ask-cert-level
 ask-cert-expire
 
+# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
+# when outputting certificates, view user IDs distinctly from keys:
+fixed-list-mode
+# You should always know at a glance which User IDs gpg thinks are legitimately bound to the keys in your keyring:
+verify-options show-uid-validity
+list-options show-uid-validity
+
 # Add comments to things signed/encrypted by gpg
 #comment Homepage: http://mkaysi.github.com/ # MKAYSIGREP MKAYSIGREPGPG
 #comment Public key: http://mkaysi.github.com/PGP/0x82A46728.txt # MKAYSIGREP MKAYSIGREPGPG