diff options
Diffstat (limited to '')
| -rw-r--r-- | doc/gpg.texi | 6 | ||||
| -rw-r--r-- | g10/gpg.c | 3 |
2 files changed, 5 insertions, 4 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi index 899c6b8d2..2e7230982 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1586,12 +1586,14 @@ are available for all keyserver types, some common options are: keyserver URL, then use that preferred keyserver to refresh the key from. In addition, if auto-key-retrieve is set, and the signature being verified has a preferred keyserver URL, then use that preferred - keyserver to fetch the key from. Defaults to yes. + keyserver to fetch the key from. Note that this option introduces a + "web bug": The creator of the key can see when the keys is + refreshed. Thus this option is not enabled by default. @item honor-pka-record If auto-key-retrieve is set, and the signature being verified has a PKA record, then use the PKA information to fetch the key. Defaults - to yes. + to "yes". @item include-subkeys When receiving a key, include subkeys as potential targets. Note that @@ -2128,8 +2128,7 @@ main (int argc, char **argv) opt.export_options = EXPORT_ATTRIBUTES; opt.keyserver_options.import_options = IMPORT_REPAIR_PKS_SUBKEY_BUG; opt.keyserver_options.export_options = EXPORT_ATTRIBUTES; - opt.keyserver_options.options = (KEYSERVER_HONOR_KEYSERVER_URL - | KEYSERVER_HONOR_PKA_RECORD ); + opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD; opt.verify_options = (LIST_SHOW_UID_VALIDITY | VERIFY_SHOW_POLICY_URLS | VERIFY_SHOW_STD_NOTATIONS |