On 18/02/18 00:06, helices wrote: > I will probably never understand why wanting to run the most current > version of gnupg on a plethora of servers is controversial.
I don't think it is. I'm sorry your question didn't get answered satisfactorily; that's just how things can go on community mailing lists. I appreciate your well-formulated arguments for running GnuPG v.2.2. > However, let it be said here and now, if the gnupg community wants the > use of gnupg to spread far further than a clique of geeks, making its > use easier for non-geeks is probably the simplest and most direct way. I really don't think that it is the task for any upstream to provide packages for distributions. That truly is what the distributions themselves are for. For some upstreams it might make sense to provide their own packages for certain distributions, but I think it's more the exception that the norm. > Are there any other questions before I get a direct answer to my > original subject question? Since nobody answered with "Oh yeah I happen to package it myself, if you trust me, you can get it here" or "Oh yeah I know of this person who packages them", etcetera, my guess is that nobody knows of such a packaging effort. It's hard to answer affirmatively if you don't know the affirmative answer :-). Can I point out that even though you did not like Jeffrey Lightner's response, Dirk Gottschalk and Konstantin Ryabitsev also replied? If you could indeed just recompile the Fedora packages, that seems like a pretty direct route. You do become responsible for updates and "security support" yourself (in what sense is it still support if you do it yourself, but hey). And I wonder if perhaps your interpretation of Jeffrey Lightner's words was a bit more abrasive than he intended them to be when he wrote those words, but that is something only Jeffrey Lightner himself can definitively answer. Back to the matter at hand. Is it possible for CentOS to provide newer packages than RHEL? I surmise RHEL will probably not listen to you unless you get a paid support contract. If CentOS cannot significantly deviate from RHEL, there doesn't seem to be a gratis way to influence package versions for CentOS, right? You're dependent on someone providing packages outside of the distribution proper. Note, by the way, that interoperability between GnuPG 1.4 and 2.1/2.2 is not that great, and that often distributions rely on GnuPG in their internals, meaning there might not be a way to remove GnuPG 1.4 from a system. It's why Debian deprecated 1.4 before packaging 2.1, so people would not usually have a system where both are installed. If CentOS 7 relies on GnuPG 1.4, you will need to be careful with 2.1/2.2. Their keyrings can get out-of-sync. I'm sorry I don't have a ready answer; if I did, I'd have offered it days ago... Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users