Diffusion GnuPG 2b7151b0a57f

gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.

Authored by werner on Jul 4 2019, 3:45 PM.

Description

gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.

* g10/gpg.c (main): Change default.

Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures. That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.

To revert to the old behavior add

keyserver-optiions  no-self-sigs-only,no-import-clean

to gpg.conf.

(cherry picked from commit 23c978640812d123eaffd4108744bdfcf48f7c93)

  • GnuPG-bug-id: T4607
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerJul 4 2019, 3:59 PM
Parents
rG4cbd058a3da9: gpg: Avoid printing false AKL error message.
Branches
Unknown
Tags
Unknown
Tasks
T4607: enable `import-clean` by default