From 6eb14f184fb9a0a3d9a8f929d47e22926de7ffad Mon Sep 17 00:00:00 2001
From: ilf <ilf@zeromail.org>
Date: Sat, 9 Sep 2017 17:29:47 +0000
Subject: [PATCH] gpg.conf: adjust to upstream changes in 2.1

rework gpg.conf based on upstream changes

- default key: unneccessary
- behavior: merged upstream in 2.1
- keyserver: merged upstream in 2.1 (and some now set in dirmngr.conf)
- personal-cipher-preferences: merged upstream
---
 configs/gnupg/gpg.conf | 80 ------------------------------------------
 1 file changed, 80 deletions(-)

diff --git a/configs/gnupg/gpg.conf b/configs/gnupg/gpg.conf
index 61c0350..496360a 100644
--- a/configs/gnupg/gpg.conf
+++ b/configs/gnupg/gpg.conf
@@ -1,83 +1,3 @@
-#
-# This is an implementation of the Riseup OpenPGP Best Practices
-# https://help.riseup.net/en/security/message-security/openpgp/best-practices
-#
-
-
-#-----------------------------
-# default key
-#-----------------------------
-
-# The default key to sign with. If this option is not used, the default key is
-# the first key found in the secret keyring
-
-#default-key 0xD8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-
-
-#-----------------------------
-# behavior
-#-----------------------------
-
-# Disable inclusion of the version string in ASCII armored output
-no-emit-version
-
-# Disable comment string in clear text signatures and ASCII armored messages
-no-comments
-
-# Display long key IDs
-keyid-format 0xlong
-
-# List all keys (or the specified ones) along with their fingerprints
-with-fingerprint
-
-# Display the calculated validity of user IDs during key listings
-list-options show-uid-validity
-verify-options show-uid-validity
-
-# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to
-# the agent before it asks for a passphrase.
-use-agent
-
-
-#-----------------------------
-# keyserver
-#-----------------------------
-
-# This is the server that --recv-keys, --send-keys, and --search-keys will
-# communicate with to receive keys from, send keys to, and search for keys on
-keyserver hkps://hkps.pool.sks-keyservers.net
-
-# Provide a certificate store to override the system default
-# Get this from https://sks-keyservers.net/sks-keyservers.netCA.pem
-keyserver-options ca-cert-file=/usr/local/etc/ssl/certs/hkps.pool.sks-keyservers.net.pem
-
-# Set the proxy to use for HTTP and HKP keyservers - default to the standard
-# local Tor socks proxy
-# It is encouraged to use Tor for improved anonymity. Preferrably use either a
-# dedicated SOCKSPort for GnuPG and/or enable IsolateDestPort and
-# IsolateDestAddr
-#keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050
-
-# Don't leak DNS, see https://trac.torproject.org/projects/tor/ticket/2846
-keyserver-options no-try-dns-srv
-
-# When using --refresh-keys, if the key in question has a preferred keyserver
-# URL, then disable use of that preferred keyserver to refresh the key from
-keyserver-options no-honor-keyserver-url
-
-# When searching for a key with --search-keys, include keys that are marked on
-# the keyserver as revoked
-keyserver-options include-revoked
-
-
-#-----------------------------
-# algorithm and ciphers
-#-----------------------------
-
-# list of personal digest preferences. When multiple digests are supported by
-# all recipients, choose the strongest one
-personal-cipher-preferences AES256 AES192 AES CAST5
-
 # list of personal digest preferences. When multiple ciphers are supported by
 # all recipients, choose the strongest one
 personal-digest-preferences SHA512 SHA384 SHA256 SHA224