From a79c183f86988f0d8b0c7a1c0fdb094678ccc990 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen
Date: Fri, 6 Dec 2019 20:22:32 +0200
Subject: [PATCH] gpg.conf: no keyserver options, document confusion
---
 .mikaela/gpg.conf | 14 +++++++++-----
 gpg/gpg.conf | 14 +++++++++-----
 2 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/.mikaela/gpg.conf b/.mikaela/gpg.conf
index 2b6d35a4..9acd701d 100644
--- a/.mikaela/gpg.conf
+++ b/.mikaela/gpg.conf
@@ -25,11 +25,15 @@ default-key 0x99392F62BAE30723 # WTOP #default-key 0xDC189FE6FA9BD685
-# Ignore preferred keyserver, remove signatures from keys not in keyring
-# import clean as it may be better for WoT than self-sigs-only and I
-# am not setting import/export options in fear of removing signatures
-# useful to other people in public keys that multiple people are touching.
-keyserver-options no-honor-keyserver-url import-clean
+# Ignore preferred keyserver
+keyserver-options no-honor-keyserver-url
+# The defaults are apparently self-sigs-only,import-clean starting from
+# gpg 2.2.17, but there seem to be controversial views on them and I am
+# not sure what way to go, so I am opting to trust the distribution.
+# Debian uses self-sigs-only (while I would be fine with import-clean)
+# * https://dev.gnupg.org/T4628#128513
+# Arch Linux reverts the change going by no-self-sigs-only,no-import-clean
+# * https://bugs.archlinux.org/task/63147
 # Try to automatically find keys from local/wkd if key for email address isn't found, but we are encrypting to email address.
 auto-key-retrieve
diff --git a/gpg/gpg.conf b/gpg/gpg.conf
index f1f9f950..c1b5ef7c 100644
--- a/gpg/gpg.conf
+++ b/gpg/gpg.conf
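Review bot: Dropping `import-clean` from the `keyserver-options` line in the .mikaela/gpg.conf hunk leaves keyserver import filtering to whatever the packaged gpg defaults to, so the same dotfile now behaves differently per host: going by the new comment, Debian keeps `self-sigs-only`, Arch reverts to `no-self-sigs-only,no-import-clean`, and a gpg older than 2.2.17 would apply neither. That matters more here because the context line `auto-key-retrieve` lets gpg fetch missing keys while verifying signatures without asking, so on hosts with the reverted defaults third-party signatures on a fetched key can land in the keyring unfiltered. If consistent behaviour is wanted, pin it, e.g. `keyserver-options no-honor-keyserver-url self-sigs-only import-clean` (`self-sigs-only` presumably needs gpg 2.2.17 or later; confirm against the oldest host this file is deployed to). The identical hunk in gpg/gpg.conf has the same issue; both files continue outside their hunks, so an `import-options` line elsewhere may already cover this.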
@@ -25,11 +25,15 @@ # WTOP #default-key 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
-# Ignore preferred keyserver, remove signatures from keys not in keyring
-# import clean as it may be better for WoT than self-sigs-only and I
-# am not setting import/export options in fear of removing signatures
-# useful to other people in public keys that multiple people are touching.
-keyserver-options no-honor-keyserver-url import-clean
+# Ignore preferred keyserver
+keyserver-options no-honor-keyserver-url
+# The defaults are apparently self-sigs-only,import-clean starting from
+# gpg 2.2.17, but there seem to be controversial views on them and I am
+# not sure what way to go, so I am opting to trust the distribution.
+# Debian uses self-sigs-only (while I would be fine with import-clean)
+# * https://dev.gnupg.org/T4628#128513
+# Arch Linux reverts the change going by no-self-sigs-only,no-import-clean
+# * https://bugs.archlinux.org/task/63147
 # Try to automatically find keys from local/wkd if key for email address isn't found, but we are encrypting to email address.
 auto-key-retrieve