diff --git a/doc/ChangeLog b/doc/ChangeLog index 52550e348..03c57600a 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,10 @@ +2002-11-03 David Shaw + + * gpg.sgml: Document "tsign", clarify "setpref", clarify + --recipient, document --hidden-recipient, document + --hidden-encrypt-to, clarify --no-encrypt-to, clarify + --throw-keyid, document --no-throw-keyid. + 2002-10-24 David Shaw * gpg.sgml: Document --refresh-keys. diff --git a/doc/gpg.sgml b/doc/gpg.sgml index fb1c21e39..d4a4514d8 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -310,6 +310,14 @@ therefore never be revoked. Combines the functionality of nrsign and lsign to make a signature that is both non-revocable and non-exportable. + + tsign + +Make a trust signature. This is a signature that combines the notions +of certification (like a regular signature), and trust (like the +"trust" command). It is generally only useful in distinct communities +or groups. + revsig @@ -419,7 +427,7 @@ are not already included in the preference list. Set the list of user ID preferences to &ParmString;, this should be a string similar to the one printed by "pref". Using an empty string will set the default preference string, using "none" will set the -preferences to nil. Use "gpg -v --version" to get a list of available +preferences to nil. Use "gpg --version" to get a list of available algorithms. This command just initializes an internal list and does not change anything unless another command (such as "updpref") which changes the self-signatures is used. @@ -775,8 +783,20 @@ found in the secret keyring. -r, --recipient &ParmName; -Encrypt for user id &ParmName;. If this option is not -specified, GnuPG asks for the user-id unless --default-recipient is given +Encrypt for user id &ParmName;. If this option or --hidden-recipient +is not specified, GnuPG asks for the user-id unless +--default-recipient is given. + + + +-R, --hidden-recipient &ParmName; + + +Encrypt for user id &ParmName;, but hide the keyid of the key. This +option hides the receiver of the message and is a countermeasure +against traffic analysis. If this option or --recipient is not +specified, GnuPG asks for the user-id unless --default-recipient is +given. @@ -813,11 +833,21 @@ No trust checking is performed for these user ids and even disabled keys can be used. + +--hidden-encrypt-to &ParmName; + +Same as --hidden-recipient but this one is intended for use in the +options file and may be used with your own user-id as a hidden +"encrypt-to-self". These keys are only used when there are other +recipients given either by use of --recipient or by the asked user id. +No trust checking is performed for these user ids and even disabled +keys can be used. + --no-encrypt-to -Disable the use of all --encrypt-to keys. +Disable the use of all --encrypt-to and --hidden-encrypt-to keys. @@ -1626,12 +1656,17 @@ Resets the --auto-check-trustdb option. --throw-keyid -Do not put the keyid into encrypted packets. This option -hides the receiver of the message and is a countermeasure -against traffic analysis. It may slow down the decryption -process because all available secret keys are tried. +Do not put the keyids into encrypted packets. This option hides the +receiver of the message and is a countermeasure against traffic +analysis. It may slow down the decryption process because all +available secret keys are tried. + +--no-throw-keyid + +Resets the --throw-keyid option. + --not-dash-escaped