Bug#860571: release-notes: clarify and document GnuPG transition for stretch
On Wed 2017-04-19 04:55:14 +0200, Joost van Baal-Ilić wrote:
> "The upgrade to "modern" GnuPG has been made as smooth as possible by offering
> migration scripts.
Actually, i consider the one migration script that we offer
(migrate-pubring-from-classic-gpg) to be the least smooth part of the
process. The most smooth part of the process has been the work upstream
to make the upgraded gpg Just Work. I don't think that drawing
attention to the migration script (which shouldn't be necessary for most
people) in the release notes is a great idea.
> However, beware: The upgrade comes with some subtle differences in
> GnuPG's interface.
I think this bit might just be alarmism, and i'm not sure whether we
gain anything by it. Any major version upgrade of anything comes with
some subtle differences, no?
> See /usr/share/doc/gnupg/README.Debian for more information."
I'd be fine with adding this sentence to the end of the first
paragraph if people think that would be useful.
> Rationale: I'm thinking of e.g. 'all access to secret key material is handled
> by gpg-agent'.
sure. Also, all network access is handled by dirmngr. and smartcard
access is handled by scdaemon. and there are new and better primitives
for automation. and we have upstream-supported python-bindings for
libgpgme. and a lot of other changes :)
but we want to keep the release notes short, right? if they're not
short, no one will read them, in which case we might as well not write
them in the first place, since (as you point out) all of these details
are surely shipped in various README.Debian and NEWS files already