Updated texi files

2025-01-24 15:17:02 +01:00 · 2002-09-11 12:00:28 +00:00 · 2002-09-11 12:00:28 +00:00 · 96396ff9f1
commit 96396ff9f1
parent 3605051728
1 changed files with 148 additions and 44 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -194,7 +194,10 @@ Add a subkey to this key.
 Remove a subkey.
@item addrevoker
-Add a designated revoker.
+Add a designated revoker. This takes one optional argument:
 "sensitive". If a designated revoker is marked as sensitive, it will
 not be exported by default (see
 export-options).
@item revkey
 Revoke a subkey.
@ -232,23 +235,31 @@ Display the selected photographic user
 id.
@item pref
-List preferences.
+List preferences from the selected user ID. This shows the actual
 preferences, without including any implied preferences.
@item showpref
-More verbose preferences listing.
+More verbose preferences listing for the selected user ID. This shows
 the preferences in effect by including the implied preferences of
 3DES (cipher), SHA-1 (digest), and Uncompressed (compression) if they
 are not already included in the preference list.
@item setpref @code{string}
-Set the list of user ID preferences to @code{string}, this should be 
+Set the list of user ID preferences to @code{string}, this should be a
-a string similar to the one printed by "pref". Using an empty string
+string similar to the one printed by "pref". Using an empty string
-will set the default preference string, using "none" will set the 
+will set the default preference string, using "none" will set the
-preferences to nil. Only available algorithms are allowed. This
+preferences to nil. Use "gpg -v ---version" to get a list of available
-command just initializes an internal list and does not change anything
+algorithms. This command just initializes an internal list and does
-unless another command which changes the self-signatures is used.
+not change anything unless another command (such as "updpref") which
 changes the self-signatures is used.
@item updpref
 Change the preferences of all user IDs (or just of the selected ones
 to the current list of preferences. The timestamp of all affected
-self-signatures fill be advanced by one second.
+self-signatures will be advanced by one second. Note that while you
 can change the preferences on an attribute user ID (aka "photo ID"),
 GnuPG does not select keys via attribute user IDs so these preferences
 will not be used by GnuPG.
@item toggle
 Toggle between public and secret key listing.
@ -308,13 +319,17 @@ Signs a public key with your secret key but marks it as non-revocable.
 This is a shortcut version of the subcommand "nrsign" from ---edit.
@item ---delete-key @code{name}
-Remove key from the public keyring
+Remove key from the public keyring. In batch mode either ---yes is
 required or the key must be specified by fingerprint. This is a
 safeguard against accidental deletion of multiple keys.
@item ---delete-secret-key @code{name}
-Remove key from the secret and public keyring
+Remove key from the secret and public keyring. In batch mode the key
 must be specified by fingerprint.
@item ---delete-secret-and-public-key @code{name}
-Same as ---delete-key, but if a secret key exists, it will be removed first.
+Same as ---delete-key, but if a secret key exists, it will be removed 
 first. In batch mode the key must be specified by fingerprint.
@item ---gen-revoke
 Generate a revocation certificate for the complete key. To revoke
@ -434,11 +449,13 @@ all options.
@end table
@majorheading OPTIONS
-Long options can be put in an options file (default "~/.gnupg/options").
+Long options can be put in an options file (default
-Do not write the 2 dashes, but simply the name of the option and any
+"~/.gnupg/gpg.conf"). Short option names will not work - for example,
-required arguments. Lines with a hash as the first non-white-space
+"armor" is a valid option for the options file, while "a" is not. Do
-character are ignored. Commands may be put in this file too, but that
+not write the 2 dashes, but simply the name of the option and any
-does not make sense.
+required arguments. Lines with a hash ('#') as the first
 non-white-space character are ignored. Commands may be put in this
 file too, but that does not make sense.
@code{gpg} recognizes these options:
@ -597,21 +614,30 @@ each time.
@item ---keyserver-options @code{parameters}
 This is a space or comma delimited string that gives options for the
 keyserver. Options can be prepended with a `no-' to give the opposite
-meaning. While not all options are available for all keyserver types,
+meaning. Valid import-options or export-options may be used here as
-some common options are:
+well to apply to importing (---recv-key) or exporting (--send-key) a
 key from a keyserver. While not all options are available for all
 keyserver types, some common options are:
@table @asis
@item include-revoked
-When receiving or searching for a key, include keys that are marked on
+When searching for a key, include keys that are marked on the
-the keyserver as revoked. Note that this option is always set when
+keyserver as revoked. Note that this option is always set when using
-using the NAI HKP keyserver, as this keyserver does not differentiate
+the NAI HKP keyserver, as this keyserver does not differentiate
-between revoked and unrevoked keys.
+between revoked and unrevoked keys. When using the LDAP keyserver,
 this applies to both searching (---search-keys) and receiving
 (---recv-keys).
@item include-disabled
 When receiving or searching for a key, include keys that are marked on
 the keyserver as disabled. Note that this option is not used with HKP
 keyservers, as they do not support disabling keys.
@item include-subkeys
 When receiving a key, include subkeys in the search. Note that this
 option is not used with HKP keyservers, as they do not support
 retrieving keys by subkey id.
@item use-temp-files
 On most Unix-like platforms, GnuPG communicates with the keyserver
 helper program via pipes, which is the most efficient method. This
@ -639,10 +665,55 @@ keyring.
@end table
@item ---import-options @code{parameters}
 This is a space or comma delimited string that gives options for
 importing keys. Options can be prepended with a `no-' to give the
 opposite meaning. The options are:
@table @asis
@item allow-local-sigs
 Allow importing key signatures marked as "local". This is not
 generally useful unless a shared keyring scheme is being used.
 Defaults to no.
@item repair-hkp-subkey-bug
 During import, attempt to repair the HKP keyserver mangling multiple
 subkeys bug. Note that this cannot completely repair the damaged key
 as some crucial data is removed by the keyserver, but it does at least
 give you back one subkey. Defaults to no for regular ---import and to
 yes for keyserver ---recv-keys.
@end table
@item ---export-options @code{parameters}
 This is a space or comma delimited string that gives options for
 exporting keys. Options can be prepended with a `no-' to give the
 opposite meaning. The options are:
@table @asis
@item include-non-rfc
 Include non-RFC compliant keys in the export. Defaults to yes.
@item include-local-sigs
 Allow exporting key signatures marked as "local". This is not
 generally useful unless a shared keyring scheme is being used.
 Defaults to no.
@item include-attributes
 Include attribute user IDs (photo IDs) while exporting. This is
 useful to export keys if they are going to be used by an OpenPGP
 program that does not accept attribute user IDs. Defaults to yes.
@item include-sensitive-revkeys
 Include designated revoker information that was marked as
 "sensitive". Defaults to no.
@end table
@item ---show-photos
-Causes ---list-keys, --list-sigs, --list-public-keys, and
+Causes ---list-keys, --list-sigs, --list-public-keys,
---list-secret-keys to also display the photo ID attached to a key, if
+---list-secret-keys, and verifying a signature to also display the
-any.
+photo ID attached to the key, if any.
 See also ---photo-viewer.
@item ---no-show-photos
@ -661,6 +732,12 @@ then the photo will be supplied to the viewer on standard input.
 The default viewer is "xloadimage -fork -quiet -title 'KeyID 0x%k'
 stdin"
@item ---exec-path @code{string}
 Sets a list of directories to search for photo viewers and keyserver
 helpers. If not provided, keyserver helpers use the compiled-in
 default directory, and photo viewers use the $PATH environment
 variable.
@item ---show-keyring
 Causes ---list-keys, --list-public-keys, and --list-secret-keys to
 display the name of the keyring a given key resides on. This is only
@ -690,16 +767,21 @@ also overrides the environment variable "GNUPGHOME".
@item ---charset @code{name}
 Set the name of the native character set. This is used
-to convert some strings to proper UTF-8 encoding.
+to convert some strings to proper UTF-8 encoding. If this option is not used, the default character set is determined
 from the current locale. A verbosity level of 3 shows the used one.
 Valid values for @code{name} are:
@table @asis
@item iso-8859-1
-This is the default Latin 1 set.
+This is the Latin 1 set.
@item iso-8859-2
 The Latin 2 set.
@item iso-8859-15
 This is currently an alias for
 the Latin 1 set.
@item koi8-r
 The usual Russian set (rfc1489).
@ -732,7 +814,8 @@ Using this option will also prevent the creation of a
@item ---load-extension @code{name}
 Load an extension module. If @code{name} does not
 contain a slash it is searched in "/usr/local/lib/gnupg"
-See the manual for more information about extensions.
+Extension are in gernal not useful anymore; the use of this 
 option is deprecated.
@item ---debug @code{flags}
 Set debugging flags. All flags are or-ed and @code{flags} may
@ -884,7 +967,10 @@ method will be part of an enhanced OpenPGP specification but GnuPG
 already uses it as a countermeasure against certain attacks. Old
 applications don't understand this new format, so this option may be
 used to switch back to the old behaviour. Using this this option
-bears a security risk.
+bears a security risk. Note that using this option only takes effect
 when the secret key is encrypted - the simplest way to make this
 happen is to change the passphrase on the key (even changing it to the
 same value is acceptable).
@item ---compress-algo @code{n}
 Use compression algorithm @code{n}. Default is 2 which is RFC1950
@ -1007,8 +1093,9 @@ Resets the ---pgp6 option.
@item ---pgp7
 Set up all options to be as PGP 7 compliant as possible. This is
-identical to ---pgp6 except that the list of allowable ciphers is
+identical to ---pgp6 except that MDCs are not disabled, and the list of
-expanded to add AES128, AES192, AES256, and TWOFISH.
+allowable ciphers is expanded to add AES128, AES192, AES256, and
 TWOFISH.
@item ---no-pgp7
 Resets the ---pgp7 option.
@ -1068,12 +1155,18 @@ behaviour. You should not use this option unless you there is some
 clock problem.
@item ---ignore-crc-error
-The ASCII armor used by OpenPG is protected by a CRC checksum against
+The ASCII armor used by OpenPGP is protected by a CRC checksum against
 transmission errors. Sometimes it happens that the CRC gets mangled
-somewhere on the transmission channel 
+somewhere on the transmission channel but the actual content (which is
-but the actual content (which is anyway protected by
+protected by the OpenPGP protocol anyway) is still okay. This option
-the OpenPGP protocol) is still okay. This option will let gpg ignore
+will let gpg ignore CRC errors.
-CRC errors.
+
@item ---ignore-mdc-error
 This option changes a MDC integrity protection failure into a warning.
 This can be useful if a message is partially corrupt, but it is
 necessary to get as much data as possible out of the corrupt message.
 However, be aware that a MDC protection failure may also mean that the
 message was tampered with intentionally by an attacker.
@item ---lock-once
 Lock the databases the first time a lock is requested
@ -1111,6 +1204,9 @@ Suppress the warning about "using insecure memory".
@item ---no-permission-warning
 Suppress the warning about unsafe file permissions.
@item ---no-mdc-warning
 Suppress the warning about missing MDC integrity protection.
@item ---no-armor
 Assume the input data is not in ASCII armored format.
@ -1225,11 +1321,14 @@ refer to the file descriptor n and not to a file with that name.
@item ---no-expensive-trust-checks
 Experimental use only.
-@item ---group @code{name=value}
+@item ---group @code{name=value1 value2 value3 ...}
-Sets up a name group, which is similar to aliases in email programs.
+Sets up a named group, which is similar to aliases in email programs.
 Any time the group name is a receipient (-r or ---recipient), it will
-be expanded to the values specified. Note there is only one level of
+be expanded to the values specified.
-expansion - you cannot make an group that points to another group.
+The values are @code{key IDs} or fingerprints, but any key description
 is accepted. Note that a value with spaces in it will be treated as
 two different values. Note also there is only one level of expansion
 - you cannot make an group that points to another group.
@item ---preserve-permissions
 Don't change the permissions of a secret keyring back to user
@ -1364,7 +1463,8 @@ variable is set to the correct value. The option ---gpg-agent-info can
 be used to overide it.
@item http_proxy
-Only honored when the option ---honor-http-proxy is set.
+Only honored when the keyserver-option
 honor-http-proxy is set.
@end table
@ -1391,8 +1491,12 @@ and the lock file
@item ~/.gnupg/random_seed
 used to preserve the internal random pool
@item ~/.gnupg/gpg.conf
 Default configuration file
@item ~/.gnupg/options
-May contain options
+Old style configuration file; only used when gpg.conf
 is not found
@item /usr[/local]/share/gnupg/options.skel
 Skeleton options file