On 07/26/2018 06:50 PM, Ralf Mardorf wrote: > On Thu, 26 Jul 2018 18:30:01 -0400, Eli Schwartz via arch-general wrote: >> What does the "web bug" have to do with this discussion? > > It's a hint that not every user likes 'auto-key-retrieve', but instead > only manually retrieve keys, if it makes sense to the user to retrieve > a key. I don't see a valid reason, to e.g. retrieve the keys that > belong to an unknown signature of an email send via a mailing list, > just to get automatically keys when building something from AUR. I'm > surprised that you don't question the recommendation to use > 'auto-key-retrieve' without providing this hint. I don't care much > about a privacy risk, but I don't see a reason to collect unneeded keys. Ah, so, as I expected, it was just a standard prototypical offtopic derail. Thanks for clarifying. > Could you explain why it's useful to collect each key that belongs to > an email signature, that is completely irrelevant to you, just to > automatically add keys that are required to build a package from AUR, > too? echo 'GNUPGHOME="$HOME"/.gnupg-makepkg' >> "$HOME"/.config/pacman/makepkg.conf Problem solved. -- Eli Schwartz Bug Wrangler and Trusted User
Attachment:
signature.asc
Description: OpenPGP digital signature
