On Mon, Jul 05, 2010 at 11:42:35AM +0200, Christoph Berg wrote: > Re: Franck Joncourt 2010-07-03 <20100703193921.ge1...@diamond.stones.lan> > > caff relies on gnupg default settings. And thus the user has to update his > > configuration to move from sha1 to sha256 by adding the following lines to > > caff's gnupg configuration file. > > I have been wondering about this for some time: why do we need a > separate GNUPGHOME at all? Using a separate keyring to store the new > signatures should be enough and would save us all sorts of key > copying. This would also nicely resolve this request. > > Re 527944, we shouldn't "fix" gnupg in caff.
I agree. Working with a different keyring seems a good idea and should solve the above problem. I glanced at gpg manual page, and it seems using the *keyring* option rather than the *homedir* one should make it. Setting up caff keyring as primary with the *primary-keyring* option so that imported and received keys will go to the caff keyring, should make us happy. No need exporting/importing our own keys anymore. If it works the way I understand, and it is doable with GNUPG::Interface, I think it definitely deserves an upgrade :) PS: I do not know why a separate GNUPGHOME has been preferred so far. -- Franck Joncourt
signature.asc
Description: Digital signature
