| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Causes more problems than it solves now. Just need to consistently use
new versions.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Pretty sure I just got hit by this:
<https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have to do this because gpg.conf doesn't understand tilde or
environment variable expansion in the configuration file, and the only
reliable way to make the ca-cert-file option work between different
implementations of gpg(1) and its cURL link is to explicitly specify the
path to the CA file.
This is probably a better approach than installing the thing as a
trusted system CA anyway, which requires root privileges that I don't
really want to assume anyone installing this has.
I'm also including the CA, CRL, and .pem for the SKS keyservers in this
commit. This seems a lesser evil than trying to pull them with cURL or
wget at make(1) time.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
<https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#consider-making-your-default-keyserver-use-a-keyse>
The keyserver pool CA needs to be installed for this to work. On Debian:
# curl https://sks-keyservers.net/sks-keyservers.netCA.pem \
> /usr/local/share/ca-certificates/sks-keyservers.netCA.crt
# update-ca-certificates
|
| |
|
|
|
|
| |
<https://we.riseup.net/riseuplabs+paow/openpgp-best-practices>
|
| |
|
| |
|
|
|