diff --git a/doc/ChangeLog b/doc/ChangeLog index 0a0e13510..47332c320 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,12 @@ +2004-09-16 David Shaw + + * DETAILS: Document the 'spk' signature subpacket record. Add + more detail on "tru" records. + + * gpg.sgml: Note that PGP scales photo IDs to fit in the dialog + box. Document show-sig-subpackets. Document the '%c' signature + counter expando. + 2004-09-15 Werner Koch * gpg.sgml: Document "--debug-ccid-driver". diff --git a/doc/DETAILS b/doc/DETAILS index 623680860..a5b840995 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -37,6 +37,7 @@ record. grp = reserved for gpgsm rvk = revocation key tru = trust database information + spk = signature subpacket 2. Field: A letter describing the calculated trust. This is a single letter, but be prepared that additional information may follow @@ -141,19 +142,37 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: The "tru" trust database records have the fields: - 1: Reason for staleness of trust. If this field is empty, then the + 2: Reason for staleness of trust. If this field is empty, then the trustdb is not stale. This field may have multiple flags in it: o: Trustdb is old t: Trustdb was built with a different trust model than the one we are using now. - 2: Trust model. This is always zero (i.e. "Classic") in this version - of GnuPG. - 3: Date trustdb was created in seconds since 1/1/1970. - 4: Date trustdb will expire in seconds since 1/1/1970. + 3: Trust model: + 0: Classic trust model, as used in PGP 2.x. + 1: PGP trust model, as used in PGP 6 and later. This is the same + as the classic trust model, except for the addition of trust + signatures. + + GnuPG before version 1.4 used the classic trust model by default. + GnuPG 1.4 and later uses the PGP trust model by default. + + 4: Date trustdb was created in seconds since 1/1/1970. + 5: Date trustdb will expire in seconds since 1/1/1970. + +The "spk" signature subpacket records have the fields: + + 2: Subpacket number as per RFC-2440 and later. + 3: Flags. Currently the only two bits assigned are 1, to indicate + that the subpacket came from the hashed part of the signature, and + 2, to indicate the subpacket was marked critical. + 4: Length of the subpacket. Note that this is the length of the + subpacket, and not the length of field 5 below. Due to the need + for %-encoding, the length of field 5 may be up to 3x this value. + 5: The subpacket data. Printable ASCII is shown as ASCII, but other + values are rendered as %XX where XX is the hex value for the byte. - Format of the "--status-fd" output ================================== diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 050bb9ea3..f74bd43e0 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -389,7 +389,9 @@ Create an alternate user id. Create a photographic user id. This will prompt for a JPEG file that will be embedded into the user ID. Note that a very large JPEG will -make for a very large key. +make for a very large key. Also note that some programs will display +your JPEG unchanged (GnuPG), and some programs will scale it to fit in +a dialog box (PGP). deluid @@ -1407,6 +1409,16 @@ Show signature expiration dates (if any) during --list-sigs or --check-sigs listings. Defaults to no. + +show-sig-subpackets + +Include signature subpackets in the key listing. This option can take +an optional argument list of the subpackets to list. If no argument +is passed, list all subpackets. Defaults to no. This option is only +meaningful when using --with-colons along with --list-sigs or +--check-sigs. + + @@ -1745,8 +1757,10 @@ key being signed, "%s" into the key ID of the key making the signature, "%S" into the long key ID of the key making the signature, "%g" into the fingerprint of the key making the signature (which might be a subkey), "%p" into the fingerprint of the primary key of the key -making the signature, and "%%" results in a single "%". %k, %K, and -%f are only meaningful when making a key signature (certification). +making the signature, "%c" into the signature count from the OpenPGP +smartcard, and "%%" results in a single "%". %k, %K, and %f are only +meaningful when making a key signature (certification), and %c is only +meaningful when using the OpenPGP smartcard.