Use gpg 2.3 from unstable

defaults/user-configuration/fhauser/applications/gpg.nix

@@ -1,16 +1,19 @@
-{ pkgs, ... }: {
+{ pkgs, ... }: let
+    unstable = import <nixos-unstable> {};
+in {
   #TODO: ENV variabls for agent
   home-manager.users.fhauser.home.sessionVariables.SSH_AUTH_SOCK =
     "/run/user/1000/gnupg/S.gpg-agent.ssh";
   home-manager.users.fhauser.programs.gpg = {
     enable = true;
+    package = unstable.gnupg;
     settings = {
       "use-agent" = true;
       "trust-model" = "tofu";
       "no-emit-version" = true;
       "no-comments" = true;
       "sig-notation" = "issuer-fpr@notations.openpgp.fifthhorseman.net=%g";
-      "keyserver" = "hkp://pool.sks-keyservers.net";
+      "keyserver" = "hkps://keys.openpgp.org";
       "keyserver-options" = "auto-key-retrieve no-honor-keyserver-url";
       "personal-cipher-preferences" = "AES256 AES192 AES CAST5";
       "cert-digest-algo" = "SHA512";
@@ -24,11 +27,20 @@
       "verify-options" = "show-uid-validity";
       "list-options" = "show-uid-validity";
     };
+    scdaemonSettings = {
+      disable-ccid = true;
+    };
+    # TODO: Complete this list and maybe transfer to managed configuration?
+    #publicKeys = [
+    # { source = "./fabian.hauser@qo.is.pub"; trust = 5; }
+    # { source = "./fabian.hauser@threema.ch.pub"; trust = 5; }
+    #];
   };
   home-manager.users.fhauser.services.gpg-agent = {
     enable = true;
     enableScDaemon = true;
     enableSshSupport = true;
+    enableExtraSocket = true;
     sshKeys = [
       "99DFB0F28CF9420A2D6383139E86814A1568C81B" # 0x8193A5D218B553DD / fabian.hauser@threema.ch
       "638143D3F6421377E9D4C7F1D2EDC5AA0A860351" # 0x3E957C9C8CB5D6B2 / fabian.hauser@qo.is