gpg.conf: trusted-key, cert levels, cert expiry
This commit is contained in:
parent
34c259c2ac
commit
ca1bebb094
GPG Key ID:
99392F62BAE30723
|
|
@ -22,8 +22,10 @@
|
|||
|
||||
# Use my key by default
|
||||
local-user 0x99392F62BAE30723
|
||||
trusted-key 0x99392F62BAE30723
|
||||
# WTOP
|
||||
#local-user 0xDC189FE6FA9BD685
|
||||
#trusted-key 0xDC189FE6FA9BD685
|
||||
|
||||
# Ignore preferred keyserver
|
||||
keyserver-options no-honor-keyserver-url
|
||||
|
|
@ -39,7 +41,6 @@ keyserver-options no-honor-keyserver-url
|
|||
auto-key-retrieve
|
||||
auto-key-locate local,wkd
|
||||
|
||||
|
||||
# Encrypt to sender's key by default
|
||||
default-recipient-self
|
||||
|
||||
|
|
@ -61,9 +62,18 @@ keyid-format 0xLONG
|
|||
with-fingerprint
|
||||
with-wkd-hash
|
||||
|
||||
# Ask everything
|
||||
ask-cert-level
|
||||
# I refuse to comment on GPG's weird scale how I have verified keys as
|
||||
# I appear to disagree on the official meanings of 1-3.
|
||||
# If I sign a key, I have verified it to best of my ability. Also
|
||||
# apparently it doesn't have much meaning anyway https://debian-administration.org/users/dkg/weblog/98
|
||||
no-ask-cert-level
|
||||
default-cert-level 0
|
||||
# Count also the persona signatures for WoT if someone has those.
|
||||
min-cert-level 1
|
||||
|
||||
# Ask when signatures expire.
|
||||
ask-cert-expire
|
||||
default-cert-expire 2y
|
||||
|
||||
# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
|
||||
# when outputting certificates, view user IDs distinctly from keys:
|
||||
|
|
|
|||
16
gpg/gpg.conf
16
gpg/gpg.conf
|
|
@ -22,8 +22,11 @@
|
|||
|
||||
# Use my key by default
|
||||
#local-user 0x99392F62BAE30723 # MIKAELA_GREP # MIKAELA_GREP_GPG
|
||||
#trusted-key 0x99392F62BAE30723 # MIKAELA_GREP # MIKAELA_GREP_GPG
|
||||
|
||||
# WTOP
|
||||
#local-user 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
|
||||
#trusted-key 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
|
||||
|
||||
# Ignore preferred keyserver
|
||||
keyserver-options no-honor-keyserver-url
|
||||
|
|
@ -61,9 +64,18 @@ keyid-format 0xLONG
|
|||
with-fingerprint
|
||||
with-wkd-hash
|
||||
|
||||
# Ask everything
|
||||
ask-cert-level
|
||||
# I refuse to comment on GPG's weird scale how I have verified keys as
|
||||
# I appear to disagree on the official meanings of 1-3.
|
||||
# If I sign a key, I have verified it to best of my ability. Also
|
||||
# apparently it doesn't have much meaning anyway https://debian-administration.org/users/dkg/weblog/98
|
||||
no-ask-cert-level
|
||||
default-cert-level 0
|
||||
# Count also the persona signatures for WoT if someone has those.
|
||||
min-cert-level 1
|
||||
|
||||
# Ask when signatures expire.
|
||||
ask-cert-expire
|
||||
default-cert-expire 2y
|
||||
|
||||
# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
|
||||
# when outputting certificates, view user IDs distinctly from keys:
|
||||
|
|
|
|||
Loading…
Reference in New Issue