security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Do not use honor-keyserver-url sub-option by default.

This commit is contained in:
Werner Koch 2015-04-21 15:46:13 +02:00
parent ae0d65f864
commit 727fe4f8d7
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/gpg.texi
View File

@ -1586,12 +1586,14 @@ are available for all keyserver types, some common options are:
keyserver URL, then use that preferred keyserver to refresh the key
from. In addition, if auto-key-retrieve is set, and the signature
being verified has a preferred keyserver URL, then use that preferred
keyserver to fetch the key from. Defaults to yes.
keyserver to fetch the key from. Note that this option introduces a
"web bug": The creator of the key can see when the keys is
refreshed. Thus this option is not enabled by default.
@item honor-pka-record
If auto-key-retrieve is set, and the signature being verified has a
PKA record, then use the PKA information to fetch the key. Defaults
to yes.
to "yes".
@item include-subkeys
When receiving a key, include subkeys as potential targets. Note that

3
g10/gpg.c
View File

@ -2128,8 +2128,7 @@ main (int argc, char **argv)
opt.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.import_options = IMPORT_REPAIR_PKS_SUBKEY_BUG;
opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.options = (KEYSERVER_HONOR_KEYSERVER_URL
| KEYSERVER_HONOR_PKA_RECORD );
opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
opt.verify_options = (LIST_SHOW_UID_VALIDITY
| VERIFY_SHOW_POLICY_URLS
| VERIFY_SHOW_STD_NOTATIONS