Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-11-22 03:09:22 +01:00
Code Issues Projects Releases Wiki Activity

gpg.conf: trusted-key, cert levels, cert expiry

Browse Source
This commit is contained in:
Aminda Suomalainen 2019-12-07 19:02:23 +02:00
parent 34c259c2ac
commit ca1bebb094
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
2 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.mikaela/gpg.conf
View File

@ -22,8 +22,10 @@
# Use my key by default
local-user 0x99392F62BAE30723
trusted-key 0x99392F62BAE30723
# WTOP
#local-user 0xDC189FE6FA9BD685
#trusted-key 0xDC189FE6FA9BD685
# Ignore preferred keyserver
keyserver-options no-honor-keyserver-url
@ -39,7 +41,6 @@ keyserver-options no-honor-keyserver-url
auto-key-retrieve
auto-key-locate local,wkd
# Encrypt to sender's key by default
default-recipient-self
@ -61,9 +62,18 @@ keyid-format 0xLONG
with-fingerprint
with-wkd-hash
# Ask everything
ask-cert-level
# I refuse to comment on GPG's weird scale how I have verified keys as
# I appear to disagree on the official meanings of 1-3.
# If I sign a key, I have verified it to best of my ability. Also
# apparently it doesn't have much meaning anyway https://debian-administration.org/users/dkg/weblog/98
no-ask-cert-level
default-cert-level 0
# Count also the persona signatures for WoT if someone has those.
min-cert-level 1
# Ask when signatures expire.
ask-cert-expire
default-cert-expire 2y
# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
# when outputting certificates, view user IDs distinctly from keys:

16
gpg/gpg.conf
View File

@ -22,8 +22,11 @@
# Use my key by default
#local-user 0x99392F62BAE30723 # MIKAELA_GREP # MIKAELA_GREP_GPG
#trusted-key 0x99392F62BAE30723 # MIKAELA_GREP # MIKAELA_GREP_GPG
# WTOP
#local-user 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
#trusted-key 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
# Ignore preferred keyserver
keyserver-options no-honor-keyserver-url
@ -61,9 +64,18 @@ keyid-format 0xLONG
with-fingerprint
with-wkd-hash
# Ask everything
ask-cert-level
# I refuse to comment on GPG's weird scale how I have verified keys as
# I appear to disagree on the official meanings of 1-3.
# If I sign a key, I have verified it to best of my ability. Also
# apparently it doesn't have much meaning anyway https://debian-administration.org/users/dkg/weblog/98
no-ask-cert-level
default-cert-level 0
# Count also the persona signatures for WoT if someone has those.
min-cert-level 1
# Ask when signatures expire.
ask-cert-expire
default-cert-expire 2y
# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
# when outputting certificates, view user IDs distinctly from keys: