1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a

reserved field for flags in a future version.

* gpg.sgml: Document --no-textmode and --no-use-agent.  Clarify the
interoperability section.  Clarify that "hkp corruption"
(repair-hkp-subkey-bug) is really "pks corruption"
(repair-pks-subkey-bug).
This commit is contained in:
David Shaw 2003-04-27 20:37:26 +00:00
parent ed7467a6ba
commit 7fe578ce22
3 changed files with 48 additions and 29 deletions

View File

@ -1,3 +1,13 @@
2003-04-27 David Shaw <dshaw@jabberwocky.com>
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig
class, and a reserved field for flags in a future version.
* gpg.sgml: Document --no-textmode and --no-use-agent. Clarify
the interoperability section. Clarify that "hkp corruption"
(repair-hkp-subkey-bug) is really "pks corruption"
(repair-pks-subkey-bug).
2003-04-15 Werner Koch <wk@gnupg.org>
* gpg.sgml: Document --enable-progress-filter.

View File

@ -164,17 +164,21 @@ more arguments in future versions.
this signature. sig_class is a 2 byte hex-value.
VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp>
<expire-timestamp> <primary-key-fpr>
<expire-timestamp> <sig-version> <reserved> <pubkey-algo>
<hash-algo> <sig-class> <primary-key-fpr>
The signature with the keyid is good. This is the same
as GOODSIG but has the fingerprint as the argument. Both
status lines are emitted for a good signature.
sig-timestamp is the signature creation time in seconds after
the epoch. expire-timestamp is the signature expiration time
in seconds after the epoch (zero means "does not expire").
PRIMARY-KEY-FPR is the fingerprint of the primary key or
identical to the first argument. This is useful to get back
to the primary key without running gpg again for this purpose.
The signature with the keyid is good. This is the same as
GOODSIG but has the fingerprint as the argument. Both status
lines are emitted for a good signature. All arguments here
are on one long line. sig-timestamp is the signature creation
time in seconds after the epoch. expire-timestamp is the
signature expiration time in seconds after the epoch (zero
means "does not expire"). sig-version, pubkey-algo, hash-algo,
and sig-class (a 2-byte hex value) are all straight from the
signature packet. PRIMARY-KEY-FPR is the fingerprint of the
primary key or identical to the first argument. This is
useful to get back to the primary key without running gpg
again for this purpose.
SIG_ID <radix64_string> <sig_creation_date> <sig-timestamp>
This is emitted only for signatures of class 0 or 1 which

View File

@ -895,13 +895,13 @@ compression level of zlib (normally 6).
<varlistentry>
<term>-t, --textmode</term>
<term>--no-textmode</term>
<listitem><para>
Use canonical text mode. If -t (but not
--textmode) is used together with armoring
and signing, this enables clearsigned messages.
This kludge is needed for PGP compatibility;
normally you would use --sign or --clearsign
to selected the type of the signature.
Use canonical text mode. --no-textmode disables this option. If -t
(but not --textmode) is used together with armoring and signing, this
enables clearsigned messages. This kludge is needed for PGP
compatibility; normally you would use --sign or --clearsign to
selected the type of the signature.
</para></listitem></varlistentry>
@ -1146,11 +1146,12 @@ Defaults to no.
</para></listitem></varlistentry>
<varlistentry>
<term>repair-hkp-subkey-bug</term>
<term>repair-pks-subkey-bug</term>
<listitem><para>
During import, attempt to repair the HKP keyserver mangling multiple
subkeys bug. Note that this cannot completely repair the damaged key
as some crucial data is removed by the keyserver, but it does at least
During import, attempt to repair the damage caused by the PKS
keyserver bug (pre version 0.9.6) that mangles keys with multiple
subkeys. Note that this cannot completely repair the damaged key as
some crucial data is removed by the keyserver, but it does at least
give you back one subkey. Defaults to no for regular --import and to
yes for keyserver --recv-keys.
</para></listitem></varlistentry>
@ -1757,10 +1758,12 @@ distribution for details on how to use it.
<varlistentry>
<term>--use-agent</term>
<term>--no-use-agent</term>
<listitem><para>
Try to use the GnuPG-Agent. Please note that this agent is still under
development. With this option, GnuPG first tries to connect to the
agent before it asks for a passphrase.
agent before it asks for a passphrase. --no-use-agent disables this
option.
</para></listitem></varlistentry>
<varlistentry>
@ -2535,17 +2538,19 @@ cannot be read by the intended recipient.
For example, as of this writing, no version of official PGP supports
the BLOWFISH cipher algorithm. If you use it, no PGP user will be
able to decrypt your message. The same thing applies to the ZLIB
compression algorithm. By default, GnuPG will do the right thing and
create messages that are usable by any OpenPGP program. Only override
this safe default if you know what you are doing.
compression algorithm. By default, GnuPG uses the OpenPGP preferences
system that will always do the right thing and create messages that
are usable by all recipients, regardless of which OpenPGP program they
use. Only override this safe default if you know what you are doing.
</para>
<para>
If you absolutely must override the safe default, you are far better
off using the --pgp2, --pgp6, or --pgp7 options. These options are
safe as they do not force any particular algorithms in violation of
OpenPGP, but rather reduce the available algorithms to a "PGP-safe"
list.
If you absolutely must override the safe default, or if the
preferences on a given key are invalid for some reason, you are far
better off using the --pgp2, --pgp6, --pgp7, or --pgp8 options. These
options are safe as they do not force any particular algorithms in
violation of OpenPGP, but rather reduce the available algorithms to a
"PGP-safe" list.
</para>
</refsect1>