mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig class, and a
reserved field for flags in a future version. * gpg.sgml: Document --no-textmode and --no-use-agent. Clarify the interoperability section. Clarify that "hkp corruption" (repair-hkp-subkey-bug) is really "pks corruption" (repair-pks-subkey-bug).
This commit is contained in:
parent
ed7467a6ba
commit
7fe578ce22
@ -1,3 +1,13 @@
|
||||
2003-04-27 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* DETAILS (VALIDSIG): Add version, pk algo, digest algo, sig
|
||||
class, and a reserved field for flags in a future version.
|
||||
|
||||
* gpg.sgml: Document --no-textmode and --no-use-agent. Clarify
|
||||
the interoperability section. Clarify that "hkp corruption"
|
||||
(repair-hkp-subkey-bug) is really "pks corruption"
|
||||
(repair-pks-subkey-bug).
|
||||
|
||||
2003-04-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpg.sgml: Document --enable-progress-filter.
|
||||
|
24
doc/DETAILS
24
doc/DETAILS
@ -164,17 +164,21 @@ more arguments in future versions.
|
||||
this signature. sig_class is a 2 byte hex-value.
|
||||
|
||||
VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp>
|
||||
<expire-timestamp> <primary-key-fpr>
|
||||
<expire-timestamp> <sig-version> <reserved> <pubkey-algo>
|
||||
<hash-algo> <sig-class> <primary-key-fpr>
|
||||
|
||||
The signature with the keyid is good. This is the same
|
||||
as GOODSIG but has the fingerprint as the argument. Both
|
||||
status lines are emitted for a good signature.
|
||||
sig-timestamp is the signature creation time in seconds after
|
||||
the epoch. expire-timestamp is the signature expiration time
|
||||
in seconds after the epoch (zero means "does not expire").
|
||||
PRIMARY-KEY-FPR is the fingerprint of the primary key or
|
||||
identical to the first argument. This is useful to get back
|
||||
to the primary key without running gpg again for this purpose.
|
||||
The signature with the keyid is good. This is the same as
|
||||
GOODSIG but has the fingerprint as the argument. Both status
|
||||
lines are emitted for a good signature. All arguments here
|
||||
are on one long line. sig-timestamp is the signature creation
|
||||
time in seconds after the epoch. expire-timestamp is the
|
||||
signature expiration time in seconds after the epoch (zero
|
||||
means "does not expire"). sig-version, pubkey-algo, hash-algo,
|
||||
and sig-class (a 2-byte hex value) are all straight from the
|
||||
signature packet. PRIMARY-KEY-FPR is the fingerprint of the
|
||||
primary key or identical to the first argument. This is
|
||||
useful to get back to the primary key without running gpg
|
||||
again for this purpose.
|
||||
|
||||
SIG_ID <radix64_string> <sig_creation_date> <sig-timestamp>
|
||||
This is emitted only for signatures of class 0 or 1 which
|
||||
|
43
doc/gpg.sgml
43
doc/gpg.sgml
@ -895,13 +895,13 @@ compression level of zlib (normally 6).
|
||||
|
||||
<varlistentry>
|
||||
<term>-t, --textmode</term>
|
||||
<term>--no-textmode</term>
|
||||
<listitem><para>
|
||||
Use canonical text mode. If -t (but not
|
||||
--textmode) is used together with armoring
|
||||
and signing, this enables clearsigned messages.
|
||||
This kludge is needed for PGP compatibility;
|
||||
normally you would use --sign or --clearsign
|
||||
to selected the type of the signature.
|
||||
Use canonical text mode. --no-textmode disables this option. If -t
|
||||
(but not --textmode) is used together with armoring and signing, this
|
||||
enables clearsigned messages. This kludge is needed for PGP
|
||||
compatibility; normally you would use --sign or --clearsign to
|
||||
selected the type of the signature.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
|
||||
@ -1146,11 +1146,12 @@ Defaults to no.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>repair-hkp-subkey-bug</term>
|
||||
<term>repair-pks-subkey-bug</term>
|
||||
<listitem><para>
|
||||
During import, attempt to repair the HKP keyserver mangling multiple
|
||||
subkeys bug. Note that this cannot completely repair the damaged key
|
||||
as some crucial data is removed by the keyserver, but it does at least
|
||||
During import, attempt to repair the damage caused by the PKS
|
||||
keyserver bug (pre version 0.9.6) that mangles keys with multiple
|
||||
subkeys. Note that this cannot completely repair the damaged key as
|
||||
some crucial data is removed by the keyserver, but it does at least
|
||||
give you back one subkey. Defaults to no for regular --import and to
|
||||
yes for keyserver --recv-keys.
|
||||
</para></listitem></varlistentry>
|
||||
@ -1757,10 +1758,12 @@ distribution for details on how to use it.
|
||||
|
||||
<varlistentry>
|
||||
<term>--use-agent</term>
|
||||
<term>--no-use-agent</term>
|
||||
<listitem><para>
|
||||
Try to use the GnuPG-Agent. Please note that this agent is still under
|
||||
development. With this option, GnuPG first tries to connect to the
|
||||
agent before it asks for a passphrase.
|
||||
agent before it asks for a passphrase. --no-use-agent disables this
|
||||
option.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
@ -2535,17 +2538,19 @@ cannot be read by the intended recipient.
|
||||
For example, as of this writing, no version of official PGP supports
|
||||
the BLOWFISH cipher algorithm. If you use it, no PGP user will be
|
||||
able to decrypt your message. The same thing applies to the ZLIB
|
||||
compression algorithm. By default, GnuPG will do the right thing and
|
||||
create messages that are usable by any OpenPGP program. Only override
|
||||
this safe default if you know what you are doing.
|
||||
compression algorithm. By default, GnuPG uses the OpenPGP preferences
|
||||
system that will always do the right thing and create messages that
|
||||
are usable by all recipients, regardless of which OpenPGP program they
|
||||
use. Only override this safe default if you know what you are doing.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
If you absolutely must override the safe default, you are far better
|
||||
off using the --pgp2, --pgp6, or --pgp7 options. These options are
|
||||
safe as they do not force any particular algorithms in violation of
|
||||
OpenPGP, but rather reduce the available algorithms to a "PGP-safe"
|
||||
list.
|
||||
If you absolutely must override the safe default, or if the
|
||||
preferences on a given key are invalid for some reason, you are far
|
||||
better off using the --pgp2, --pgp6, --pgp7, or --pgp8 options. These
|
||||
options are safe as they do not force any particular algorithms in
|
||||
violation of OpenPGP, but rather reduce the available algorithms to a
|
||||
"PGP-safe" list.
|
||||
</para>
|
||||
|
||||
</refsect1>
|
||||
|
Loading…
x
Reference in New Issue
Block a user