From cc39aa3a2ebcfa243e691ed6f3a811862ac45e0d Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Tue, 18 Sep 2018 21:37:28 +0300
Subject: [PATCH] gpg.conf: comment things I don't understand etc.

keyserver is not needed with GPGv2, I have no idea what some of those
options do and thus have suspect that they make my GPG more insecure and
I have used MATE for years and don't have eog available.
---
 .mikaela/gpg.conf | 46 +++++++++++++++++++++++-----------------------
 gpg/gpg.conf      | 34 +++++++++++++++++-----------------
 2 files changed, 40 insertions(+), 40 deletions(-)

diff --git a/.mikaela/gpg.conf b/.mikaela/gpg.conf
index 4d98a76f..ec6c5e50 100644
--- a/.mikaela/gpg.conf
+++ b/.mikaela/gpg.conf
@@ -1,11 +1,11 @@
 # Options for GnuPG
 # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
 #           2010 Free Software Foundation, Inc.
-#           2012 - 2016 Mikaela Suomalainen
+#           2012 - 2018 Mikaela Suomalainen
 # This file is free software; as a special exception the author gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
-# 
+#
 # This file is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
 # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -21,7 +21,7 @@
 # See the man page for a list of options.
 
 # This is one of the most used keyservers as far as I know.
-keyserver hkp://pool.sks-keyservers.net
+#keyserver hkp://pool.sks-keyservers.net
 keyserver-options auto-key-retrieve no-include-revoked
 #import-clean
 
@@ -29,19 +29,19 @@ keyserver-options auto-key-retrieve no-include-revoked
 auto-key-locate keyserver
 
 # Use my key by default
-default-key 0x0C207F07B2F32B67 
+default-key 0x0C207F07B2F32B67
 
 # Encrypt to sender's key by default
 default-recipient-self
 
 # Always encrypt to my key
-encrypt-to 0x0C207F07B2F32B67 
+encrypt-to 0x0C207F07B2F32B67
 
 # Use UTF-8 charset
 charset UTF-8
 display-charset utf-8
 
-# use GPG Agent to avoid retyping passphrase very ofoten.
+# use GPG Agent to avoid retyping passphrase very often.
 use-agent
 
 # Do everything in ASCII format by default instead of binary
@@ -49,33 +49,33 @@ armor
 
 # Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
 
-personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
-personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
-personal-compress-preferences BZIP2,ZLIB,ZIP
+#personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
+#personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
+#personal-compress-preferences BZIP2,ZLIB,ZIP
 
-# Default preferences 
-default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
-default-keyserver-url hkp://pool.sks-keyservers.net
+# Default preferences
+#default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
+#default-keyserver-url hkp://pool.sks-keyservers.net
 
 # Forcing preferred settings even if it's against OpenPGP standards
-cert-digest-algo SHA512
-digest-algo SHA512
-compress-algo BZIP2
+#cert-digest-algo SHA512
+#digest-algo SHA512
+#compress-algo BZIP2
 
-no-allow-non-selfsigned-uid
-allow-multiple-messages
+#no-allow-non-selfsigned-uid
+#allow-multiple-messages
 
 # Show the LONG KEYID and fingerprint by default and tell that it's hexadecimal string.
 keyid-format 0xLONG
 with-fingerprint
 
 # Use Eye Of Gnome as default image viewer
-photo-viewer eog %i
+photo-viewer eom %i
 
 # The default to use for the check level when signing a key.
 #default-cert-level 2
 
-lock-multiple
+#lock-multiple
 
 expert
 #verbose
@@ -83,8 +83,8 @@ expert
 #verbose
 
 # Teach to be careful with sensitive things by exporting them like everything else
-import-options import-local-sigs import-clean
-export-options export-local-sigs export-attributes export-sensitive-revkeys export-clean
+#import-options import-local-sigs import-clean
+#export-options export-local-sigs export-attributes export-sensitive-revkeys export-clean
 
 # Ask everything
 ask-cert-level
@@ -99,6 +99,6 @@ list-options show-uid-validity
 
 # Add comments to things signed/encrypted by gpg
 comment Website: https://mikaela.info/
-#comment Public key: https://mikaela.info/PGP/0xB2F32B67.txt
-#comment gpg --fetch-keys https://mikaela.info/PGP/0xB2F32B67.txt
+comment Public key: https://mikaela.info/PGP/0xB2F32B67.txt
+comment gpg --fetch-keys https://mikaela.info/PGP/0xB2F32B67.txt
 comment Fingerprint = 2910 4A46 C561 5BF9 78A0 83F2 0C20 7F07 B2F3 2B67
diff --git a/gpg/gpg.conf b/gpg/gpg.conf
index 30eceb71..912c56a5 100644
--- a/gpg/gpg.conf
+++ b/gpg/gpg.conf
@@ -1,7 +1,7 @@
 # Options for GnuPG
 # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
 #           2010 Free Software Foundation, Inc.
-#           2012 - 2016 Mikaela Suomalainen
+#           2012 - 2018 Mikaela Suomalainen
 # This file is free software; as a special exception the author gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
@@ -21,7 +21,7 @@
 # See the man page for a list of options.
 
 # This is one of the most used keyservers as far as I know.
-keyserver hkp://pool.sks-keyservers.net
+#keyserver hkp://pool.sks-keyservers.net
 keyserver-options auto-key-retrieve no-include-revoked
 #import-clean
 
@@ -41,7 +41,7 @@ default-recipient-self
 charset UTF-8
 display-charset utf-8
 
-# use GPG Agent to avoid retyping passphrase very ofoten.
+# use GPG Agent to avoid retyping passphrase very often.
 use-agent
 
 # Do everything in ASCII format by default instead of binary
@@ -49,33 +49,33 @@ armor
 
 # Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
 
-personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
-personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
-personal-compress-preferences BZIP2,ZLIB,ZIP
+#personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
+#personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
+#personal-compress-preferences BZIP2,ZLIB,ZIP
 
 # Default preferences 
-default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
-default-keyserver-url hkp://pool.sks-keyservers.net
+#default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
+#default-keyserver-url hkp://pool.sks-keyservers.net
 
 # Forcing preferred settings even if it's against OpenPGP standards
-cert-digest-algo SHA512
-digest-algo SHA512
-compress-algo BZIP2
+#cert-digest-algo SHA512
+#digest-algo SHA512
+#compress-algo BZIP2
 
-no-allow-non-selfsigned-uid
-allow-multiple-messages
+#no-allow-non-selfsigned-uid
+#allow-multiple-messages
 
 # Show the LONG KEYID and fingerprint by default and tell that it's hexadecimal string.
 keyid-format 0xLONG
 with-fingerprint
 
 # Use Eye Of Gnome as default image viewer
-photo-viewer eog %i
+photo-viewer eom %i
 
 # The default to use for the check level when signing a key.
 #default-cert-level 2
 
-lock-multiple
+#lock-multiple
 
 expert
 #verbose
@@ -83,8 +83,8 @@ expert
 #verbose
 
 # Teach to be careful with sensitive things by exporting them like everything else
-import-options import-local-sigs import-clean
-export-options export-local-sigs export-attributes export-sensitive-revkeys export-clean
+#import-options import-local-sigs import-clean
+#export-options export-local-sigs export-attributes export-sensitive-revkeys export-clean
 
 # Ask everything
 ask-cert-level