mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
* gpg.sgml: Document backsign, --require-backsigs, and
--no-require-backsigs. * DETAILS: Clarify Key-Usage.
This commit is contained in:
parent
b3ea683ac9
commit
74ee007922
@ -1,3 +1,10 @@
|
||||
2005-10-27 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* gpg.sgml: Document backsign, --require-backsigs, and
|
||||
--no-require-backsigs.
|
||||
|
||||
* DETAILS: Clarify Key-Usage.
|
||||
|
||||
2005-10-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgv.sgml: Small spelling corrections by Mike Dowling.
|
||||
|
11
doc/DETAILS
11
doc/DETAILS
@ -587,7 +587,7 @@ more arguments in future versions.
|
||||
PIN change really worked.
|
||||
|
||||
BACKUP_KEY_CREATED fingerprint fname
|
||||
A backup key named FNAME has been created for the key wityh
|
||||
A backup key named FNAME has been created for the key with
|
||||
KEYID.
|
||||
|
||||
|
||||
@ -750,8 +750,13 @@ The format of this file is as follows:
|
||||
Length of the key in bits. Default is 1024.
|
||||
Key-Usage: <usage-list>
|
||||
Space or comma delimited list of key usage, allowed values are
|
||||
"encrypt" and "sign". This is used to generate the key flags.
|
||||
Please make sure that the algorithm is capable of this usage.
|
||||
"encrypt", "sign", and "auth". This is used to generate the
|
||||
key flags. Please make sure that the algorithm is capable of
|
||||
this usage. Note that OpenPGP requires that all primary keys
|
||||
are capable of certification, so no matter what usage is given
|
||||
here, the "cert" flag will be on. If no Key-Usage is
|
||||
specified, all the allowed usages for that particular
|
||||
algorithm are used.
|
||||
Subkey-Type: <algo-number>|<algo-string>
|
||||
This generates a secondary key. Currently only one subkey
|
||||
can be handled.
|
||||
|
19
doc/gpg.sgml
19
doc/gpg.sgml
@ -563,6 +563,14 @@ that is no longer usable (e.g. revoked, or expired).
|
||||
</variablelist>
|
||||
|
||||
If invoked with no arguments, both `sigs' and `uids' are cleaned.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>backsign</term>
|
||||
<listitem></para>
|
||||
Add back signatures to signing subkeys that may not currently have
|
||||
back signatures. Back signatures protect against a subtle attack
|
||||
against signing subkeys. See --require-backsigs.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
@ -2712,6 +2720,17 @@ content of an encrypted message; using this option you can do this without
|
||||
handing out the secret key.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--require-backsigs</term>
|
||||
<term>--no-require-backsigs</term>
|
||||
<listitem><para>
|
||||
When verifying a signature made from a subkey, ensure that the "back
|
||||
signature" on the subkey is present and valid. This protects against
|
||||
a subtle attack against subkeys that can sign. Currently defaults to
|
||||
--no-require-backsigs, but will be changed to --require-backsigs in
|
||||
the future.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--ask-sig-expire</term>
|
||||
<term>--no-ask-sig-expire</term>
|
||||
|
Loading…
x
Reference in New Issue
Block a user