Thursday, July 28, 2011

caff harmful unless you know what you're doing

So there are two things I stumbled upon with caff:
  • If you have two keys, you want to set $CONFIG{'local-user'} to the content of $CONFIG{'keyid'}. For some reason unbeknownst to me this option is not even listed in the configuration file template. keyid does something different that you'd expect…
  • More importantly it uses its own gpg.conf for whatever reason (probably because it sets its own GnuPG homedir and does not override the configuration file location). So if you, like me, put the right settings for strong signatures into ~/.gnupg/gpg.conf, you need to replicate them into ~/.caff/gnupghome/gpg.conf.
Thanks to Tom Marble for the hint. I'm still sad that I'd basically need to re-do yesterday's keysigning (which was about 100 e-mails), just to switch from the default SHA1 to SHA256…