Expected behaviour setting TOFU policy

2018-02-15 Thread Konstantin Ryabitsev
Hi, all: I am not sure if what I am experiencing is expected TOFU behaviour or not, and I'm hoping someone can help me figure that out. I'll show on a live example (skipping irrelevant output). This is gnupg-2.2.4 on Fedora 26. [user@disp1132 ~]$ export GNUPGHOME=$(mktemp -d)

Configuration for offline usage - best practice tips?

2018-02-15 Thread Juergen Christoffel
Hi folks, I'm looking for best practice tips for offline usage of GnuPG. What Do I mean by offline usage? I plan to encrypt backups or files on my machines with GnuPG and generate weekly or monthly keys for that purpose so backups for example can run unattended and simply encrypt with today's

RE: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread Lightner, Jeffrey
CentOS isn't a vendor. It is a project that does binary compiles of RHEL sources. RedHat is the vendor that creates RHEL and its source is used to make CentOS. RHEL is supported by RedHat if you have a subscription. CentOS has no direct support though RedHat hosts the project nowadays.

Re: Huawei manual about Gnupg

2018-02-15 Thread Robert J. Hansen
> Could you please take a look at it and make some suggestions to > Huawei to improve it. Thank you! The documentation we create is free for the world to use for any purpose. If Huawei wants to use it, they can, so long as they respect the license. But so long as Huawei is selling proprietary

RE: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread edgar
On Feb 15, 2018 9:06 AM, "Lightner, Jeffrey" wrote: > > What you’re missing is WHY you want a later upstream version.   Is there a > specific feature you’re needing that isn’t in the one that comes with your > distro? > >   > > You can’t have it both ways:  You want

Re: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread helices
Jeffrey, please, your ad hominem accusations are not helpful. You said, "What you’re missing is WHY you want a later upstream version." How do you know that I'm missing that? That "why" is not at all relevant to my question. You said, "You can’t have it both ways: You want to stay on a stable

RE: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread Lightner, Jeffrey
What you’re missing is WHY you want a later upstream version. Is there a specific feature you’re needing that isn’t in the one that comes with your distro? You can’t have it both ways: You want to stay on a stable distro/version which is the raison d’etre for RHEL/CentOS but want to have

Re: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread helices
Yes, I know that. In general, that scheme works well. However, in another case, rsyslog, a certain function has been broken for many years, and the only fix is to track the developers' most recent versions. In that case, the developers maintain their own repository: http://rpms.adiscon.com ;

Re: How can we utilize latest GPG from RPM repository?

2018-02-15 Thread Dirk Gottschalk via Gnupg-users
Hi. Am Mittwoch, den 14.02.2018, 14:20 -0600 schrieb helices: > CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer. > We want to move to v2.2.x, and stay current, but we don't want to > download > source and compile for dozens of systems. > We want all users to be using the same