INN commit: branches/2.6/control (

INN Commit rra at
Thu Nov 12 20:24:35 UTC 2020

    Date: Thursday, November 12, 2020 @ 12:24:35
  Author: iulius
Revision: 10399

perl-nocem:  document the use of gpg1 to import old PGP keys


---------------+ |   12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

---	2020-11-12 20:23:42 UTC (rev 10398)
+++	2020-11-12 20:24:35 UTC (rev 10399)
@@ -540,7 +540,9 @@
 Import the keys of the NoCeM issuers you trust in order to check
 the authenticity of their notices.  You can do:
-    gpg --no-default-keyring --primary-keyring <pathetc>/pgp/ncmring.gpg --import <key-file>
+    gpg1 --no-default-keyring --primary-keyring <pathetc>/pgp/ncmring.gpg \
+         --no-options --allow-non-selfsigned-uid --no-permission-warning \
+         --batch --import <key-file>
     chmod 644 <pathetc>/pgp/ncmring.gpg
 where <pathetc> is the value of the I<pathetc> parameter set in
@@ -550,10 +552,10 @@
 automatically generate the F<ncmring.gpg> file) and make sure the news
 user can read this file, once generated.
-For old PGP-generated keys, you may have to use
-B<--allow-non-selfsigned-uid> if they are not properly self-signed,
-but anyone creating a key really should self-sign the key.  Current PGP
-implementations do this automatically.
+As a few NoCeM issuers are still using old PGP-generated keys, you
+may have to use B<gpg1> with various legacy options in command-line
+(like in the example above) instead of more recent versions of B<gpg>
+that no longer accept such keys.
 The keys of NoCeM issuers can be found in the web site of I<The NoCeM Registry>:
 L<>.  You can even

More information about the inn-committers mailing list