gpg: no-import-clean in hopes of avoiding data loss

.mikaela/gpg.conf

@@ -1,7 +1,6 @@
 # Options for GnuPG
 # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
 #           2010 Free Software Foundation, Inc.
-#           2012 - 2020 Mikaela Suomalainen
 # This file is free software; as a special exception the author gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
@@ -27,20 +26,22 @@
 #   NOTE! default-key is used instead of local-user as the latter cannot be
 #   overridden with flags (causing WTOP test to be signed with personal and
 #   WTOP keys)
-default-key mikaela@mikaela.info
-# if auto-key-lookup is used, this tells the recepient which WKD to check?
-sender mikaela@mikaela.info
+default-key suomalainen@mikaela.info
 # Has to be LONG key instead of fingerprint https://dev.gnupg.org/T4855
-trusted-key 0x99392F62BAE30723
-encrypt-to mikaela@mikaela.info
+#trusted-key 0x99392F62BAE30723
+# The above issue is resolved in 2.2.20
+trusted-key 69FF455A869F9031A691E0F199392F62BAE30723
+encrypt-to suomalainen@mikaela.info
 # WTOP (see comments above)
 #default-key mikaela+digitalents@mikaela.info
-#sender mikaela+digitalents@mikaela.info
 #trusted-key 0xDF046339D69EB8C9
 #encrypt-to mikaela+digitalents@mikaela.info
 
 # Ignore preferred keyserver and also import non-self-sigs
-keyserver-options no-honor-keyserver-url,no-self-sigs-only
+# WARNING! DoS hole!
+keyserver-options no-honor-keyserver-url,no-self-sigs-only,no-import-clean,no-import-minimal
+import-options no-self-sigs-only,no-import-clean,no-import-minimal
+
 # The defaults are apparently self-sigs-only,import-clean starting from
 # gpg 2.2.17, but there seem to be controversial views on them and I need
 # some not-self-sigs with `--fetch-keys`

gpg/gpg.conf

@@ -1,7 +1,6 @@
 # Options for GnuPG
 # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
 #           2010 Free Software Foundation, Inc.
-#           2012 - 2020 Mikaela Suomalainen
 # This file is free software; as a special exception the author gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
@@ -27,20 +26,22 @@
 #   NOTE! default-key is used instead of local-user as the latter cannot be
 #   overridden with flags (causing WTOP test to be signed with personal and
 #   WTOP keys)
-#default-key mikaela@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
-# if auto-key-lookup is used, this tells the recepient which WKD to check?
-#sender mikaela@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
+#default-key suomalainen@mikaela.info
 # Has to be LONG key instead of fingerprint https://dev.gnupg.org/T4855
-#trusted-key 0x99392F62BAE30723 # MIKAELA_GREP # MIKAELA_GREP_GPG
-#encrypt-to mikaela@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
+#trusted-key 0x99392F62BAE30723
+# The above issue is resolved in 2.2.20
+#trusted-key 69FF455A869F9031A691E0F199392F62BAE30723
+#encrypt-to suomalainen@mikaela.info
 # WTOP (see comments above)
-#default-key mikaela+digitalents@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
-#sender mikaela+digitalents@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
-#trusted-key 0xDF046339D69EB8C9 # MIKAELA_GREP # MIKAELA_GREP_GPG
-#encrypt-to mikaela+digitalents@mikaela.info # MIKAELA_GREP # MIKAELA_GREP_GPG
+#default-key mikaela+digitalents@mikaela.info
+#trusted-key 0xDF046339D69EB8C9
+#encrypt-to mikaela+digitalents@mikaela.info
 
 # Ignore preferred keyserver and also import non-self-sigs
-keyserver-options no-honor-keyserver-url,no-self-sigs-only
+# WARNING! DoS hole!
+keyserver-options no-honor-keyserver-url,no-self-sigs-only,no-import-clean,no-import-minimal
+import-options no-self-sigs-only,no-import-clean,no-import-minimal
+
 # The defaults are apparently self-sigs-only,import-clean starting from
 # gpg 2.2.17, but there seem to be controversial views on them and I need
 # some not-self-sigs with `--fetch-keys`