On 02/17/2017 09:46 PM, si...@web.de wrote: > Am 17.02.2017 um 20:43 schrieb Kristian Fiskerstrand: >> On 02/17/2017 07:17 PM, Kristian Fiskerstrand wrote:
>> >> That change would also be consistent with >> https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=8fb482252436b3b4b0b33663d95d1d17188ad1d9 >> > >> > Not quite sure I get this. > > So what this means is that effectively gnupg still uses plaintext > connections to update public keys by default, does it not? Yes (if not a tor configuration locally) > If the > change I suggested is not correct, shouldn't we find another way to > use secure connection by default whenever possible? Probably nitpick, but it would likely increase privacy - not security. > > As it is now, the default fallback mentioned in the referenced commit > never takes effect as long as the skel file is used. > Never would be inaccurate; kristianf@ares ~/workspace $ mkdir abc kristianf@ares ~/workspace $ gpg --homedir abc --recv-key 94CBAFDD30345109561835AA0B7F8B60E3EDFAE3 -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Qui audet vincit Who dares wins
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users