How can we utilize latest GPG from RPM repository?

Edgar Pettijohn edgar at pettijohn-web.com
Sun Feb 18 03:36:52 CET 2018 


On 02/17/18 17:06, helices wrote:
> I will probably never understand why wanting to run the most current 
> version of gnupg on a plethora of servers is controversial.
>
> Nevertheless, the two (2) greatest reasons are:
>
>  1. PCI DSS v3.2
>  2. PCI DSS compliance audits
>
> Being able to demonstrate that we are using the latest, greatest 
> encryption available on every one of our hosts, simplifies that 
> portion of the audit equation more than you probably believe.
>
> Furthermore, following feature not availabe in 2.0.22 are more than 
> nice-to-haves:
>
>   * The file secring.gpg is not used to store the secret keys anymore.
>   * All support for PGP-2 keys has been removed for security reasons.
>   * The standard key generation interface is now much leaner.
>   * Commands to create and sign keys from the command line without any
>     extra prompts are now available.
>   * There is no more need to manually start the gpg-agent.
>   * A new format for locally storing the public keys is now used.
>   * Revocation certificates are now created by default.
>   * The format of the key listing has been changed to better identify
>     the properties of a key.
>
>
> Apparently, there is no current solution to our problem similar to 
> that we found for our rsyslog example. That is too bad. We will get 
> over our disappointment.
>
> However, let it be said here and now, if the gnupg community wants the 
> use of gnupg to spread far further than a clique of geeks, making its 
> use easier for non-geeks is probably the simplest and most direct way.
>
> Yes, that is my opinion, humble or otherwise.
>
> YMMV
>
> Are there any other questions before I get a direct answer to my 
> original subject question?
>
> Thank you.
>
>
> On Wed, Feb 14, 2018 at 2:20 PM, helices <gpg at mdsresource.net 
> <mailto:gpg at mdsresource.net>> wrote:
>
>     CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
>
>     We want to move to v2.2.x, and stay current, but we don't want to
>     download source and compile for dozens of systems.
>
>     We want all users to be using the same version all of the time.
>
>     Please, advise. Thank you.
>
>
Pay someone to package it for you.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180217/3b9534e1/attachment-0001.html>

More information about the Gnupg-users mailing list