Change meaning of --allow-non-selfsigned-uid to match change in code, and

add --no-allow-non-selfsigned-uid.

doc/ChangeLog

@@ -1,3 +1,8 @@
+2002-03-18  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpg.sgml: Change meaning of --allow-non-selfsigned-uid to match
+	change in code, and add --no-allow-non-selfsigned-uid.
+
 2002-03-13  Werner Koch  <wk@gnupg.org>
 
 	* faq.raw: Due to a lack of time Nils can't serve anymore as a

doc/gpg.sgml

@@ -1531,22 +1531,23 @@ Reset the --force-v4-certs option.
 Force the use of encryption with appended manipulation
 code.  This is always used with the newer ciphers (those
 with a blocksize greater than 64 bit).
-This option might not be implemented yet.
 </para></listitem></varlistentry>
 
 <varlistentry>
 <term>--allow-non-selfsigned-uid</term>
 <listitem><para>
-Allow the import of keys with user IDs which are not self-signed, but
+Allow the import and use of keys with user IDs which are not
-have at least one signature.
+self-signed.  This is not recommended, as a non self-signed user ID is
-This only allows the import - key validation will fail and you
+trivial to forge.
-have to check the validity of the key by other means.  This hack is
-needed for some German keys generated with pgp 2.6.3in. You should really
-avoid using it, because OpenPGP has better mechanics to do separate signing
-and encryption keys.
 </para></listitem></varlistentry>
 <varlistentry>
 
+<varlistentry>
+<term>--no-allow-non-selfsigned-uid</term>
+<listitem><para>
+Reset the --allow-non-selfsigned-uid option.
+</para></listitem></varlistentry>
+
 <term>--allow-freeform-uid</term>
 <listitem><para>
 Disable all checks on the form of the user ID while generating a new