security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Implemented the chain model for X.509 validation.

Browse source
This commit is contained in:
Werner Koch 2007-08-10 16:52:05 +00:00
parent ebd36b6344
commit 74d344a521
60 changed files with 16887 additions and 12516 deletions
Download patch file Download diff file Expand all files Collapse all files

31
doc/DETAILS
View file

@ -253,8 +253,8 @@ more arguments in future versions.
presence of the letter 'T' inside.
VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp>
<expire-timestamp> [ <sig-version> <reserved> <pubkey-algo>
<hash-algo> <sig-class> <primary-key-fpr> ]
<expire-timestamp> <sig-version> <reserved> <pubkey-algo>
<hash-algo> <sig-class> [ <primary-key-fpr> ]
The signature with the keyid is good. This is the same as
GOODSIG but has the fingerprint as the argument. Both status
@ -269,8 +269,9 @@ more arguments in future versions.
useful to get back to the primary key without running gpg
again for this purpose.
The optional parameters are used for OpenPGP and are not
available for CMS signatures.
The primary-key-fpr parameter is used for OpenPGP and not
available for CMS signatures. The sig-version as well as the
sig class is not defined for CMS and currently set to 0 and 00.
Note, that *-TIMESTAMP may either be a number with seconds
since epoch or an ISO 8601 string which can be detected by the
@ -310,13 +311,21 @@ more arguments in future versions.
TRUST_UNDEFINED <error token>
TRUST_NEVER <error token>
TRUST_MARGINAL
TRUST_FULLY
TRUST_ULTIMATE
For good signatures one of these status lines are emitted
to indicate how trustworthy the signature is. The error token
values are currently only emitted by gpgsm.
TRUST_NEVER <error token>
TRUST_MARGINAL [0 [<validation_model>]]
TRUST_FULLY [0 [<validation_model>]]
TRUST_ULTIMATE [0 [<validation_model>]]
For good signatures one of these status lines are emitted to
indicate how trustworthy the signature is. The error token
values are currently only emitted by gpgsm. VALIDATION_MODEL
describes the algorithm used to check the validity of the key.
The default is the standard gpg Web of Trust model respective
the standard X.509 model. The defined values are
"pgp" for the standard PGP WoT.
"shell" for the standard X.509 model.
"chain" for the chain model.
PKA_TRUST_GOOD <mailbox>
PKA_TRUST_BAD <mailbox>