X-Git-Url: http://the.earth.li/gitweb/?p=onak.git;a=blobdiff_plain;f=onak.ini.in;h=fd6b9e499481245ba0645033e0f00744c96b5a09;hp=7149b5a7e56f6c8c8edc4a401e6a64a5b3474a7f;hb=76f079e5ebdb34acaaa2462a8d915ee06d3c8425;hpb=c981a80699901eb3d513a4cc9355574a69016037

diff --git a/onak.ini.in b/onak.ini.in
index 7149b5a..fd6b9e4 100644
--- a/onak.ini.in
+++ b/onak.ini.in
@@ -9,7 +9,7 @@ logfile=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/onak.log
 loglevel=3
 ; Should we use the keyd backend?
 use_keyd=false
-sock_dir=@CMAKE_INSTALL_FULL_RUNSTATEDIR@
+sock_dir=@CMAKE_INSTALL_FULL_RUNSTATEDIR@/onak
 ; Maximum number of keys to return in a reply to an index, verbose index or
 ; get. Setting it to -1 will allow any size of reply.
 max_reply_keys=128
@@ -19,6 +19,9 @@ max_reply_keys=128
 ; Blacklist certain fingerprints (e.g. EVIL32). One fingerprint per line,
 ; comment lines start with #
 ;blacklist=blacklist.txt
+; Check the size of packets, dropping overly large UIDs / signature packets
+; as per draft-dkg-openpgp-abuse-resistant-keystore 4.1
+;check_packet_size=false
 ; Verify signature hashes - verify that the hash a signature claims to be
 ; over matches the hash of the data. Does not actually verify the signature.
 check_sighash=true