mirror of git://git.gnupg.org/gnupg.git
(Certificate Options): Add --{enable,disable}-ocsp.
This commit is contained in:
Werner Koch
parent
fbd0f91c82
commit
6b7af47bcc
4
NEWS
4
NEWS
|
|
@ -1,6 +1,10 @@
|
|||
Noteworthy changes in version 1.9.3 (unreleased)
|
||||
------------------------------------------------
|
||||
|
||||
* New options --{enable,disable}-ocsp to validate keys using OCSP
|
||||
This requires at least DirMngr 0.5.1 to work. Default is disabled.
|
||||
|
||||
|
||||
Noteworthy changes in version 1.9.2 (2003-11-17)
|
||||
------------------------------------------------
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,12 @@
|
|||
2003-12-01 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpgsm.texi (Certificate Options): Add --{enable,disable}-ocsp.
|
||||
|
||||
2003-11-17 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* scdaemon.texi (Scdaemon Options): Added --allow-admin and
|
||||
--deny-admin.
|
||||
|
||||
2003-10-27 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpg-agent.texi (Agent GET_CONFIRMATION): New.
|
||||
|
|
|
|||
|
|
@ -250,6 +250,15 @@ By default the @acronym{CRL} checks are enabled and the DirMngr is used
|
|||
to check for revoked certificates. The disable option is most useful
|
||||
with an off-line network connection to suppress this check.
|
||||
|
||||
@item --enable-ocsp
|
||||
@itemx --disable-ocsp
|
||||
@opindex enable-ocsp
|
||||
@opindex disable-ocsp
|
||||
Be default @acronym{OCSP} checks are disabled. The enable opton may
|
||||
be used to enable OCSP checks via Dirmngr. If @acronym{CRL} checks
|
||||
are also enabled, CRLs willbe used as a fallback if for some reason an
|
||||
OCSP request won't succeed.
|
||||
|
||||
@end table
|
||||
|
||||
@node Input and Output
|
||||
|
|
|
|||
|
|
@ -146,6 +146,17 @@ default is 32768 (first USB device).
|
|||
Use @var{library} to access the smartcard reader. The current default
|
||||
is @code{libtowitoko.so}.
|
||||
|
||||
|
||||
@item --allow-admin
|
||||
@itemx --deny-admin
|
||||
@opindex allow-admin
|
||||
@opindex deny-admin
|
||||
This enables the use of Admin class commands for card application
|
||||
where this is supported. Currently we support it for the OpenPGP
|
||||
card. Deny is the default. This commands is useful to inhibit
|
||||
accidental access to admin class command which could ultimately lock
|
||||
the card through worng PIN numbers.
|
||||
|
||||
@end table
|
||||
|
||||
All the long options may also be given in the configuration file after
|
||||
|
|
|
|||
Loading…
Reference in New Issue