path: root/modules/programs/gpg.nix
author Bjarki Ágúst Guðmundsson <suprdewd@gmail.com> 2019-09-08 17:06:14 +0000
committer Robert Helgesson <robert@rycee.net> 2019-09-11 19:30:26 +0200
commit 41f918499bea1d6e95fc9314f18e8cf5e94aff79 (patch)
tree 5e2701e44c09267e81c57cd5cdc0a19db41cf8aa /modules/programs/gpg.nix
parent d3e316eec5de4b81be5975815c17de7c0dddec83 (diff)
gpg: sane default for throw-keyids option
The [throw-keyids](https://www.gnupg.org/gph/en/manual/r2110.html) option "hides the receiver of the encrypted data as a countermeasure against traffic analysis." However, it also slows down decryption, and even breaks some applications; see e.g. https://github.com/open-keychain/open-keychain/issues/626

I think the sane default would be to leave it off, just as it is off by default in gpg. The typical user will probably not need this level of security, and will probably prefer a better user experience (faster decryption and compatibility with a wider range of applications).

Closes #838
Diffstat (limited to '')
-rw-r--r-- modules/programs/gpg.nix 1
1 files changed, 0 insertions, 1 deletions
diff --git a/modules/programs/gpg.nix b/modules/programs/gpg.nix
index e06ec3a9375..4588c59c882 100644
--- a/modules/programs/gpg.nix
+++ b/modules/programs/gpg.nix
@@ -51,7 +51,6 @@ in {
with-fingerprint = mkDefault true;
require-cross-certification = mkDefault true;
no-symkey-cache = mkDefault true;
- throw-keyids = mkDefault true;
use-agent = mkDefault true;
};
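Review bot: dropping `throw-keyids = mkDefault true;` changes behaviour silently for anyone who relied on the module default, and nothing in this patch tells them. After an upgrade their encrypted messages will carry recipient key IDs again, which is exactly the metadata the option was hiding. Since the neighbouring entries are all `mkDefault`, restoring the old behaviour is a one-line override, so please add a release-note or news entry saying that users who want the previous default must now set `throw-keyids = true` in their own gpg settings.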