[Gpg4win-users-en] HKPS key servers? and other configuration questions...
Insert Real Name
insertrealname at yahoo.ca
Sun Sep 20 23:58:07 CEST 2015
I've searched the email list, but haven't found any answers: does the
current gpg4win version 2.2.6 support hkps key servers?
In the hkps configuration instructions at
https://sks-keyservers.net/overview-of-pools.php these are the example
gpg.conf options:
keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=/path/to/CA/sks-keyservers.netCA.pem
On the Windows platform, how should a path like
"C:\Misc\Certs\gnupg\sks-keyservers.netCA.pem" be properly formatted?
Forward slashes and the colon replaced by something else?
On the same sks-keyservers.net page, there is also achange to be made to
dirmngr.conf:
hkp-cacert /path/to/CA/sks-keyservers.netCA.pem
Is that something necessary as well?
Finally, which recommended high security gpg.conf options for the
command line use of gpg2.exe on the OpenPGP Best Practices page at
https://help.riseup.net/en/security/message-security/openpgp/best-practices
and
https://raw.githubusercontent.com/ioerror/duraconf/master/configs/gnupg/gpg.conf
will *interfere* with Kleopatra functioning correctly? Or
superfluous/unnecessary in the gpg4win default installation? I'm
thinking of only those options which are maybe justifiable to tighten
security defaults in a non-extreme/non-tinfoil manner:
keyserver-options no-honor-keyserver-url
keyid-format 0xlong
with-fingerprint
no-emit-version
no-comments
list-options show-uid-validity
verify-options show-uid-validity
personal-cipher-preferences AES256 AES192 AES CAST5
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
cert-digest-algo SHA512
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES
CAST5 ZLIB BZIP2 ZIP Uncompressed
Any comments?
More information about the Gpg4win-users-en
mailing list