Updated texinfo files

2024-11-09 21:28:51 +01:00 · 2003-10-10 15:25:01 +00:00 · 2003-10-10 15:25:01 +00:00 · 9d424d1229
commit 9d424d1229
parent 5a0fbad9b3
1 changed files with 187 additions and 58 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -101,8 +101,13 @@ decrypted. The syntax or the filenames is the same.
@item ---list-keys @code{names}
@itemx ---list-public-keys @code{names}
-List all keys from the public keyrings, or just the
+List all keys from the public keyrings, or just the ones given on the
-ones given on the command line.
+command line.
 Avoid using the output of this command in scripts or other programs as
 it is likely to change as GnuPG changes. See ---with-colons for a
 machine-parseable key listing command that is appropriate for use in
 scripts and other programs.
@item ---list-secret-keys @code{names}
 List all keys from the secret keyrings, or just the ones given on the
@ -113,6 +118,18 @@ is not usable (for example, if it was created via
@item ---list-sigs @code{names}
 Same as ---list-keys, but the signatures are listed too.
 For each signature listed, there are several flags in between the
 "sig" tag and keyid. These flags give additional information about
 each signature. From left to right, they are the numbers 1-3 for
 certificate check level (see ---default-cert-check-level), "L" for a
 local or non-exportable signature (see ---lsign-key), "R" for a
 nonRevocable signature (see ---nrsign-key), "P" for a signature that
 contains a policy URL (see ---cert-policy-url), "N" for a signature
 that contains a notation (see ---cert-notation), "X" for an eXpired
 signature (see ---ask-cert-expire), and the numbers 1-9 or "T" for 10
 and above to indicate trust signature levels (see the ---edit-key
 command "tsign").
@item ---check-sigs @code{names}
 Same as ---list-sigs, but the signatures are verified.
@ -191,7 +208,8 @@ Create an alternate user id.
@item addphoto
 Create a photographic user id. This will prompt for a JPEG file that
-will be embedded into the user ID.
+will be embedded into the user ID. A very large JPEG will make for a
 very large key.
@item deluid
 Delete a user id.
@ -492,12 +510,10 @@ Write output to @code{file}.
@item ---mangle-dos-filenames
@itemx ---no-mangle-dos-filenames
-The Windows version of GnuPG replaces the extension of an output
+Older version of Windows cannot handle filenames with more than one
-filename to avoid problems with filenames containing more than one
+dot. ---mangle-dos-filenames causes GnuPG to replace (rather than add
-dot. This is not necessary for newer Windows versions and so
+to) the extension of an output filename to avoid this problem. This
---no-mangle-dos-filenames can be used to switch this feature off and
+option is off by default and has no effect on non-Windows platforms.
 have GnuPG append the new extension. This option has no effect on
 non-Windows platforms.
@item -u, ---local-user @code{name}
 Use @code{name} as the user ID to sign.
@ -725,6 +741,12 @@ This option enables the automatic retrieving of keys from a keyserver
 when verifying signatures made by keys that are not on the local
 keyring.
 Note that this option makes a "web bug" like behavior possible.
 Keyserver operators can see which keys you request, so by sending you
 a message signed by a brand new key (which you naturally will not have
 on your local keyring), the operator can tell both your IP address and
 the time when you verified the signature.
@end table
@item ---import-options @code{parameters}
@ -773,12 +795,95 @@ Include designated revoker information that was marked as
@end table
@item ---list-options @code{parameters}
 This is a space or comma delimited string that gives options used when
 listing keys and signatures (that is, ---list-keys, --list-sigs,
 ---list-public-keys, --list-secret-keys, and the --edit-key functions).
 Options can be prepended with a `no-' to give the opposite meaning.
 The options are:
@table @asis
@item show-photos
 Causes ---list-keys, --list-sigs, --list-public-keys, and
 ---list-secret-keys to display any photo IDs attached to the key.
 Defaults to no. See also ---photo-viewer.
@item show-policy-url
 Show policy URLs in the ---list-sigs or --check-sigs listings.
 Defaults to no.
@item show-notation
 Show signature notations in the ---list-sigs or --check-sigs listings.
 Defaults to no.
@item show-keyserver-url
 Show any preferred keyserver URL in the ---list-sigs or --check-sigs
 listings. Defaults to no.
@item show-validity
 Display the calculated validity of keys and user IDs during key
 listings. Defaults to no.
@item show-long-keyid
 Display all 64 bits (16 digits) of key IDs during key listings, rather
 than the more common 32 bit (8 digit) IDs. Defaults to no.
@item show-unusable-uids
 Show revoked and expired user IDs in key listings. Defaults to no.
@item show-keyring
 Display the keyring name at the head of key listings to show which
 keyring a given key resides on. Defaults to no.
@item show-sig-expire
 Show signature expiration dates (if any) during ---list-sigs or
 ---check-sigs listings. Defaults to no.
@end table
@item ---verify-options @code{parameters}
 This is a space or comma delimited string that gives options used when
 verifying signatures. Options can be prepended with a `no-' to give
 the opposite meaning. The options are:
@table @asis
@item show-photos
 Display any photo IDs present on the key that issued the signature.
 Defaults to no. See also ---photo-viewer.
@item show-policy-url
 Show policy URLs in the signature being verified. Defaults to no.
@item show-notation
 Show signature notations in the signature being verified. Defaults to
 no.
@item show-keyserver-url
 Show any preferred keyserver URL in the signature being verified.
 Defaults to no.
@item show-validity
 Display the calculated validity of the user IDs on the key that issued
 the signature. Defaults to no.
@item show-long-keyid
 Display all 64 bits (16 digits) of key IDs during signature
 verification, rather than the more common 32 bit (8 digit) IDs.
 Defaults to no.
@item show-unusable-uids
 Show revoked and expired user IDs during signature verification.
 Defaults to no.
@end table
@item ---show-photos
@itemx ---no-show-photos
 Causes ---list-keys, --list-sigs, --list-public-keys,
 ---list-secret-keys, and verifying a signature to also display the
-photo ID attached to the key, if any. See also ---photo-viewer.
+photo ID attached to the key, if any. See also ---photo-viewer. These
---no-show-photos disables this option.
+options are deprecated. Use `---list-options [no-]show-photos' and/or
 `---verify-options [no-]show-photos' instead.
@item ---photo-viewer @code{string}
 This is the command line that should be run to view a photo ID. "%i"
@ -791,7 +896,8 @@ and "%%" for an actual percent sign. If neither %i or %I are present,
 then the photo will be supplied to the viewer on standard input.
 The default viewer is "xloadimage -fork -quiet -title 'KeyID 0x%k'
-stdin"
+stdin". Note that if your image viewer program is not secure, then
 executing it from GnuPG does not make it secure.
@item ---exec-path @code{string}
 Sets a list of directories to search for photo viewers and keyserver
@ -800,10 +906,9 @@ default directory, and photo viewers use the $PATH environment
 variable.
@item ---show-keyring
-Causes ---list-keys, --list-public-keys, and --list-secret-keys to
+Display the keyring name at the head of key listings to show which
-display the name of the keyring a given key resides on. This is only
+keyring a given key resides on. This option is deprecated: use
-useful when you're listing a specific key or set of keys. It has no
+`---list-options [no-]show-keyring' instead.
 effect when listing all keys.
@item ---keyring @code{file}
 Add @code{file} to the list of keyrings. If @code{file} begins with a
@ -921,19 +1026,12 @@ Please note that this has nothing to do with the comments in clear
 text signatures or armor headers. ---no-sk-comments disables this
 option.
@item ---no-comment
 See ---no-sk-comments. This option is deprecated and may be removed
 soon.
@item ---comment @code{string}
-Use @code{string} as the comment string in clear text signatures. The
+@itemx ---no-comments
-default behavior is not to use a comment string.
+Use @code{string} as a comment string in clear text signatures and
-
+ASCII armored messages or keys (see ---armor). The default behavior is
-@item ---default-comment
+not to use a comment string. ---comment may be repeated multiple times
-Force to write the standard comment string in clear
+to get multiple comment strings. ---no-comments removes all comments.
 text signatures. Use this to overwrite a ---comment
 from a config file. This option is now obsolete because there is no
 default comment string anymore.
@item ---emit-version
@itemx ---no-emit-version
@ -942,7 +1040,7 @@ Force inclusion of the version string in ASCII armored output.
@item ---sig-notation @code{name=value}
@itemx ---cert-notation @code{name=value}
-@itemx -N, ---notation-data @code{name=value}
+@itemx -N, ---set-notation @code{name=value}
 Put the name value pair into the signature as notation data.
@code{name} must consist only of printable characters or spaces, and
 must contain a '@@' character. This is to help prevent pollution of
@ -952,29 +1050,32 @@ encoded in UTF8, so you should check that your ---charset is set
 correctly. If you prefix @code{name} with an exclamation mark, the
 notation data will be flagged as critical (rfc2440:5.2.3.15).
 ---sig-notation sets a notation for data signatures. --cert-notation
-sets a notation for key signatures (certifications). ---notation-data
+sets a notation for key signatures (certifications). ---set-notation
 sets both.
 There are special codes that may be used in notation names. "%k" will
-be expanded into the key ID of the key being signed, "%K" for the long
+be expanded into the key ID of the key being signed, "%K" into the
-key ID of the key being signed, "%f" for the key fingerprint of the
+long key ID of the key being signed, "%f" into the fingerprint of the
-key being signed, "%s" for the key ID of the key making the signature,
+key being signed, "%s" into the key ID of the key making the
-"%S" for the long key ID of the key making the signature, and "%%"
+signature, "%S" into the long key ID of the key making the signature,
-results in a single "%". %k, %K, and %f are only meaningful when
+"%g" into the fingerprint of the key making the signature (which might
-making a key signature (certification).
+be a subkey), "%p" into the fingerprint of the primary key of the key
 making the signature, and "%%" results in a single "%". %k, %K, and
 %f are only meaningful when making a key signature (certification).
@item ---show-notation
@itemx ---no-show-notation
 Show signature notations in the ---list-sigs or --check-sigs listings
-as well as when verifying a signature with a notation in it.
+as well as when verifying a signature with a notation in it. These
---no-show-notation disables this option.
+options are deprecated. Use `---list-options [no-]show-notation'
 and/or `---verify-options [no-]show-notation' instead.
@item ---sig-policy-url @code{string}
@itemx ---cert-policy-url @code{string}
@itemx ---set-policy-url @code{string}
-Use @code{string} as Policy URL for signatures (rfc2440:5.2.3.19). If
+Use @code{string} as a Policy URL for signatures (rfc2440:5.2.3.19).
-you prefix it with an exclamation mark, the policy URL packet will be
+If you prefix it with an exclamation mark, the policy URL packet will
-flagged as critical. ---sig-policy-url sets a a policy url for data
+be flagged as critical. ---sig-policy-url sets a a policy url for data
 signatures. ---cert-policy-url sets a policy url for key signatures
 (certifications). ---set-policy-url sets both.
@ -983,8 +1084,16 @@ The same %-expandos used for notation data are available here as well.
@item ---show-policy-url
@itemx ---no-show-policy-url
 Show policy URLs in the ---list-sigs or --check-sigs listings as well
-as when verifying a signature with a policy URL in it.
+as when verifying a signature with a policy URL in it. These options
---no-show-policy-url disables this option.
+are deprecated. Use `---list-options [no-]show-policy-url' and/or
 `---verify-options [no-]show-policy-url' instead.
@item ---sig-keyserver-url @code{string}
 Use @code{string} as a preferred keyserver URL for data signatures. If
 you prefix it with an exclamation mark, the keyserver URL packet will
 be flagged as critical. 
 The same %-expandos used for notation data are available here as well.
@item ---set-filename @code{string}
 Use @code{string} as the filename which is stored inside messages.
@ -1175,6 +1284,10 @@ behavior. Use this option to reset all previous options like
 ---compress-algo to OpenPGP compliant values. All PGP workarounds are
 disabled.
@item ---rfc2440
 Reset all packet, cipher and digest options to strict RFC-2440
 behavior. Note that this is currently the same thing as ---openpgp.
@item ---rfc1991
 Try to be more RFC-1991 (PGP 2.x) compliant.
@ -1256,15 +1369,17 @@ it does not ensure the de-facto standard format of user IDs.
@item ---ignore-time-conflict
 GnuPG normally checks that the timestamps associated with keys and
-signatures have plausible values. However, sometimes a signature seems to
+signatures have plausible values. However, sometimes a signature
-be older than the key due to clock problems. This option makes these
+seems to be older than the key due to clock problems. This option
-checks just a warning.
+makes these checks just a warning. See also ---ignore-valid-from for
 timestamp issues on subkeys.
@item ---ignore-valid-from
-GnuPG normally does not select and use subkeys created in the future. This
+GnuPG normally does not select and use subkeys created in the future.
-option allows the use of such keys and thus exhibits the pre-1.0.7
+This option allows the use of such keys and thus exhibits the
-behaviour. You should not use this option unless you there is some
+pre-1.0.7 behaviour. You should not use this option unless you there
-clock problem.
+is some clock problem. See also ---ignore-time-conflict for timestamp
 issues with signatures.
@item ---ignore-crc-error
 The ASCII armor used by OpenPGP is protected by a CRC checksum against
@ -1313,11 +1428,17 @@ Suppress the initial copyright message.
 Suppress the warning about "using insecure memory".
@item ---no-permission-warning
-Suppress the warning about unsafe file permissions. Note that the
+Suppress the warning about unsafe file and home directory (---homedir)
-file permission checks that GnuPG performs are not intended to be
+permissions. Note that the permission checks that GnuPG performs are
-authoritative, rather they simply warn about certain common permission
+not intended to be authoritative, but rather they simply warn about
-problems. Do not assume that the lack of a warning means that your
+certain common permission problems. Do not assume that the lack of a
-system is secure.
+warning means that your system is secure.
 Note that the warning for unsafe ---homedir permissions cannot be
 supressed in the gpg.conf file, as this would allow an attacker to
 place an unsafe gpg.conf file in place, and use this file to supress
 warnings about itself. The ---homedir permissions warning may only be
 supressed on the command line.
@item ---no-mdc-warning
 Suppress the warning about missing MDC integrity protection.
@ -1335,8 +1456,12 @@ used to make the decryption faster if the signature
 verification is not needed.
@item ---with-colons
-Print key listings delimited by colons. Note, that the output will be
+Print key listings delimited by colons. Note that the output will be
-encoded in UTF-8 regardless of any ---charset setting.
+encoded in UTF-8 regardless of any ---charset setting. This format is
 useful when GnuPG is called from scripts and other programs as it is
 easily machine parsed. The details of this format are documented in
 the file doc/DETAILS, which is included in the GnuPG source
 distribution.
@item ---with-key-data
 Print key listings delimited by colons (like ---with-colons) and print the public key data.
@ -1445,6 +1570,9 @@ from the command line, it may be necessary to quote the argument to
 this option to prevent the shell from treating it as multiple
 arguments.
@item ---no-groups
 Clear the ---group list.
@item ---preserve-permissions
 Don't change the permissions of a secret keyring back to user
 read/write only. Use this option only if you really know what you are doing.
@ -1463,7 +1591,8 @@ should be a string similar to the one printed by the command "pref" in
 the edit menu. This allows the user to factor in their own preferred
 algorithms when algorithms are chosen via recipient key preferences.
 The most highly ranked digest algorithm in this list is algo used when
-signing without encryption (e.g. ---clearsign or --sign).
+signing without encryption (e.g. ---clearsign or --sign). The default
 value is SHA-1.
@item ---personal-compress-preferences @code{string}
 Set the list of personal compression preferences to @code{string}, this