mirror of
git://git.gnupg.org/gnupg.git
synced 2025-02-08 17:43:04 +01:00
Add documentation for --{no-}ask-cert-expire and --{no-}ask-sig-expire
Revise --expire (it doesn't switch on the expiration prompt any longer) Revise --default-check-level to be clearer as to what makes a good key check before signing
This commit is contained in:
David Shaw
parent
bd5517b9e2
commit
03c95c69a0
@ -1,3 +1,10 @@
|
|||||||
|
2002-01-11 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* gpg.sgml: Added documentation for --{no-}ask-cert-expire,
|
||||||
|
--{no-}ask-sig-expire, and revise --expert (it doesn't switch on
|
||||||
|
the expiration prompt anymore) and --default-check-level (to be
|
||||||
|
clearer as to what makes a good key check before signing).
|
||||||
|
|
||||||
2002-01-07 Werner Koch <wk@gnupg.org>
|
2002-01-07 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* DETAILS: Removed the comment that unattended key generation is
|
* DETAILS: Removed the comment that unattended key generation is
|
||||||
|
|||||||
67
doc/gpg.sgml
67
doc/gpg.sgml
@ -475,16 +475,28 @@ This is a shortcut version of the subcommand "nrsign" from --edit.
|
|||||||
The default to use for the check level when signing a key.
|
The default to use for the check level when signing a key.
|
||||||
</para><para>
|
</para><para>
|
||||||
0 means you make no particular claim as to how carefully you verified
|
0 means you make no particular claim as to how carefully you verified
|
||||||
the key. 1 means you believe the key is owned by the person who
|
the key.
|
||||||
claims to own it but you could not, or did not verify the key at all.
|
</para><para>
|
||||||
This is useful for a "persona" verification, where you sign the key of
|
1 means you believe the key is owned by the person who claims to own
|
||||||
a pseudonymous user. 2 means you did casual verification of the key.
|
it but you could not, or did not verify the key at all. This is
|
||||||
For example, this could mean that you verified that the key
|
useful for a "persona" verification, where you sign the key of a
|
||||||
fingerprint and checked the user ID on the key against a photo ID. 3
|
pseudonymous user.
|
||||||
means you did extensive verification of the key. For example, this
|
</para><para>
|
||||||
could mean that you verified the key fingerprint and checked the user
|
2 means you did casual verification of the key. For example, this
|
||||||
ID on the key against a photo ID, and also verified the email address
|
could mean that you verified that the key fingerprint and checked the
|
||||||
on the key belongs to the key owner.
|
user ID on the key against a photo ID.
|
||||||
|
</para><para>
|
||||||
|
3 means you did extensive verification of the key. For example, this
|
||||||
|
could mean that you verified the key fingerprint with the owner of the
|
||||||
|
key in person, and that you checked, by means of a hard to forge
|
||||||
|
document with a photo ID (such as a passport) that the name of the key
|
||||||
|
owner matches the name in the user ID on the key, and finally that you
|
||||||
|
verified (by exchange of email) that the email address on the key
|
||||||
|
belongs to the key owner.
|
||||||
|
</para><para>
|
||||||
|
Note that the examples given above for levels 2 and 3 are just that:
|
||||||
|
examples. In the end, it is up to you to decide just what "casual"
|
||||||
|
and "extensive" mean to you.
|
||||||
</para><para>
|
</para><para>
|
||||||
This option defaults to 0.
|
This option defaults to 0.
|
||||||
</para></listitem></varlistentry>
|
</para></listitem></varlistentry>
|
||||||
@ -1735,13 +1747,40 @@ content of an encrypted message; using this option you can do this without
|
|||||||
handing out the secret key.
|
handing out the secret key.
|
||||||
</para></listitem></varlistentry>
|
</para></listitem></varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>--ask-sig-expire</term>
|
||||||
|
<listitem><para>
|
||||||
|
When making a data signature, prompt for an expiration time. If this
|
||||||
|
option is not specified, the expiration time is "never".
|
||||||
|
</para></listitem></varlistentry
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>--no-ask-sig-expire</term>
|
||||||
|
<listitem><para>
|
||||||
|
Resets the --ask-sig-expire option.
|
||||||
|
</para></listitem></varlistentry
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>--ask-cert-expire</term>
|
||||||
|
<listitem><para>
|
||||||
|
When making a key signature, prompt for an expiration time. If this
|
||||||
|
option is not specified, the expiration time is "never".
|
||||||
|
</para></listitem></varlistentry
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>--no-ask-cert-expire</term>
|
||||||
|
<listitem><para>
|
||||||
|
Resets the --ask-cert-expire option.
|
||||||
|
</para></listitem></varlistentry
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>--expert</term>
|
<term>--expert</term>
|
||||||
<listitem><para>
|
<listitem><para>
|
||||||
Enable certain options, such as prompting for a signature expiration
|
Allow the user to do certain nonsenical or "silly" things like signing
|
||||||
date, that are not frequently used by regular users. Also permits the
|
an expired or revoked key, or certain potentially incompatible things
|
||||||
user to do certain "silly" things like signing an expired or revoked
|
like adding more than one photo ID to a single key. In general, this
|
||||||
key.
|
option is for experts only. If you don't really understand what it is
|
||||||
|
doing, leave this off.
|
||||||
</para></listitem></varlistentry
|
</para></listitem></varlistentry
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user