diff options
author | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2014-08-25 01:03:08 -0300 |
---|---|---|
committer | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2014-08-25 01:03:08 -0300 |
commit | b81a8cefb76c83103ebbbfc3a18883093be0b2f2 (patch) | |
tree | 7e1041d6a8f8deebc6dcaaabd0e430c11661ab8c /libre/pacman-parabola/gpg.conf | |
parent | cacbfb0d3ea1b4b372ec2a105a5233af242b650a (diff) | |
download | abslibre-b81a8cefb76c83103ebbbfc3a18883093be0b2f2.tar.gz abslibre-b81a8cefb76c83103ebbbfc3a18883093be0b2f2.tar.bz2 abslibre-b81a8cefb76c83103ebbbfc3a18883093be0b2f2.zip |
pacman-parabola: add parabola suffix for the package
Diffstat (limited to 'libre/pacman-parabola/gpg.conf')
-rw-r--r-- | libre/pacman-parabola/gpg.conf | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/libre/pacman-parabola/gpg.conf b/libre/pacman-parabola/gpg.conf new file mode 100644 index 000000000..7fc6fc661 --- /dev/null +++ b/libre/pacman-parabola/gpg.conf @@ -0,0 +1,50 @@ +# pacman-key default options +no-greeting +no-permission-warning +lock-never +keyserver-options timeout=20 + +# From duraconf +# personal digest preferences +personal-digest-preferences SHA512 + +# message digest algorithm used when signing a key +cert-digest-algo SHA512 + +# Set the list of default preferences to string. +# used for new keys and default for "setpref" +default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed + +# From +# https://crabgrass.riseup.net/riseuplabs+paow/openpgp-best-practices +# Only use secure keyservers +keyserver hkps://hkps.pool.sks-keyservers.net +keyserver-options ca-cert-file=~/.gnupg/sks-keyservers.netCA.pem +keyserver-options no-honor-keyserver-url + +# when outputting certificates, view user IDs distinctly from keys: +fixed-list-mode + +# short-keyids are trivially spoofed; it's easy to create a long-keyid +# collision; if you care about strong key identifiers, you always want +# to see the fingerprint: +keyid-format 0xlong +fingerprint + +# when multiple digests are supported by all recipients, choose the +# strongest one: +personal-digest-preferences SHA512 SHA384 SHA256 SHA224 + +# If you use a graphical environment (and even if you don't) +# you should be using an agent: (similar arguments as +# https://www.debian-administration.org/users/dkg/weblog/64) +use-agent + +# You should always know at a glance which User IDs gpg thinks are +# legitimately bound to the keys in your keyring: +verify-options show-uid-validity +list-options show-uid-validity + +# include an unambiguous indicator of which key made a signature: (see +# http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) +sig-notation issuer-fpr@notations.openpgp.fifthhorseman.net=%g |