diff options
Diffstat (limited to '.gnupg/gpg.conf')
| -rw-r--r-- | .gnupg/gpg.conf | 130 |
1 files changed, 0 insertions, 130 deletions
diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf deleted file mode 100644 index 258c10e..0000000 --- a/.gnupg/gpg.conf +++ /dev/null @@ -1,130 +0,0 @@ -##################################################################### -# GnuPG configuration file -# ~/.gnupg/gpg.conf -# -# Based on Github: ioerror/duraconf's configuration: -# https://github.com/ioerror/duraconf/blob/master/configs/gnupg/gpg.conf -# -# Reference: -# [1] Riseup: OpenPGP Best Practices -# https://help.riseup.net/en/gpg-best-practices -# [2] Secure GnuPG configuration -# http://sparkslinux.wordpress.com/2013/07/09/secure-gnupg-configuration -# -# Weitian LI <liweitianux@gmail.com> -# Created: 2014/06/12 -# Updated: 2015/08/19 -##################################################################### - -#----------------------------- -# default key -#----------------------------- - -# The default key to sign with. If this option is not used, the default key is -# the first key found in the secret keyring -default-key 0xAC3464FADAAE632186099CA6240E2A635D72729A - -#----------------------------- -# behavior -#----------------------------- - -# Uncomment the following option to get rid of the copyright notice -no-greeting - -# create ASCII armored output (default is binary OpenPGP format) -#armor - -# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell -# GnuPG which is the native character set. Please check the man page -# for supported character sets. This character set is only used for -# metadata and not for the actual message which does not undergo any -# translation. Note that future version of GnuPG will change to UTF-8 -# as default character set. -charset utf-8 - -# Disable inclusion of the version string in ASCII armored output -no-emit-version - -# Disable comment string in clear text signatures and ASCII armored messages -no-comments - -# Display long key IDs -keyid-format 0xlong - -# List all keys (or the specified ones) along with their fingerprints -with-fingerprint - -# Display the calculated validity of user IDs during key listings -list-options show-uid-validity -verify-options show-uid-validity - -# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to -# the agent before it asks for a passphrase. -use-agent - -#----------------------------- -# keyserver -#----------------------------- - -# This is the server that --recv-keys, --send-keys, and --search-keys will -# communicate with to receive keys from, send keys to, and search for keys on -#keyserver hkp://pool.sks-keyservers.net -keyserver hkps://hkps.pool.sks-keyservers.net - -# Provide a certificate store to override the system default -# Get this from https://sks-keyservers.net/sks-keyservers.netCA.pem -# option 'ca-cert-file' is obsolete. (GnuPG >= 2.1) -#keyserver-options ca-cert-file=~/dotfiles/.gnupg/sks-keyservers.netCA.pem - -# Set the proxy to use for HTTP and HKP keyservers - default to the standard -# local Tor socks proxy -# It is encouraged to use Tor for improved anonymity. Preferrably use either a -# dedicated SOCKSPort for GnuPG and/or enable IsolateDestPort and -# IsolateDestAddr -#keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050 -# Don't leak DNS, see https://trac.torproject.org/projects/tor/ticket/2846 -# XXX: unknown to gnupg 2.1.7 -#keyserver-options no-try-dns-srv - -# When using --refresh-keys, if the key in question has a preferred keyserver -# URL, then disable use of that preferred keyserver to refresh the key from -keyserver-options no-honor-keyserver-url - -# When searching for a key with --search-keys, include keys that are marked on -# the keyserver as revoked -keyserver-options include-revoked - -# Automatic retrieve keys from a keyserver when verifying signatures made by -# keys that are not on the local keyring. -# NOTE: This option makes a "web bug" like behavior possible. -# Keyserver operators can see which keys you rquest, so by sending -# you a message signed by a brand new key (which you naturally will -# not have on your local keyring), the operator can tell both your -# IP address and the time when you verified the signature. -keyserver-options auto-key-retrieve - -#----------------------------- -# algorithm and ciphers -#----------------------------- - -# list of personal digest preferences. When multiple digests are supported by -# all recipients, choose the strongest one -#personal-cipher-preferences AES256 TWOFISH AES192 AES -personal-cipher-preferences AES256 AES192 AES CAST5 - -# list of personal digest preferences. When multiple ciphers are supported by -# all recipients, choose the strongest one -personal-digest-preferences SHA512 SHA384 SHA256 SHA224 - -# list of personal compress preferences -personal-compress-preferences ZLIB BZIP2 ZIP - -# message digest algorithm used when signing a key -cert-digest-algo SHA512 - -# This preference list is used for new keys and becomes the default for -# "setpref" in the edit menu -#default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 TWOFISH AES192 AES ZLIB BZIP2 ZIP Uncompressed -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed - -# vim: set ts=8 sw=4 tw=0 fenc=utf-8 ft=gpg: # |