diff --git a/doc/gpg.texi b/doc/gpg.texi
index cf0cfb135..4e5ed1e7e 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1945,6 +1945,11 @@ obsolete; it does not harm to use it though.
 Same as the command @option{--fingerprint} but changes only the format
 of the output and may be used together with another command.
 
+@ifset gpgtwoone
+@item --with-keygrip
+@opindex with-keygrip
+Include the keygrip in the key listings.
+@end ifset
 
 @end table
 
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index 93b625162..530169a99 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -554,6 +554,10 @@ This option is therefore useful to simply verify a certificate.
 For standard key listings, also print the MD5 fingerprint of the
 certificate.
 
+@item --with-keygrip
+Include the keygrip in standard key listings.  Note that the keygrip is
+always listed in --with-colons mode.
+
 @end table
 
 @c *******************************************
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 36a49ba84..a4873fe53 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,10 @@
+2010-10-08  Werner Koch  <wk@g10code.com>
+
+	* gpg.c: Add option --with-keygrip.
+	* options.h (struct opt): Add WITH_KEYGRIP.
+	* keylist.c (list_keyblock_print, list_keyblock_colon): Implement
+	new option.
+
 2010-10-06  Werner Koch  <wk@g10code.com>
 
 	* import.c (transfer_secret_keys): Ignore missing key parameters.
diff --git a/g10/gpg.c b/g10/gpg.c
index f553c6e16..c25c3ba18 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -166,6 +166,7 @@ enum cmd_and_opt_values
     oNoAskCertLevel,
     oFingerprint,
     oWithFingerprint,
+    oWithKeygrip,
     oAnswerYes,
     oAnswerNo,
     oKeyring,
@@ -669,6 +670,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oUtf8Strings,      "utf8-strings", "@"),
   ARGPARSE_s_n (oNoUtf8Strings, "no-utf8-strings", "@"),
   ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
+  ARGPARSE_s_n (oWithKeygrip,     "with-keygrip", "@"),
   ARGPARSE_s_s (oDisableCipherAlgo,  "disable-cipher-algo", "@"),
   ARGPARSE_s_s (oDisablePubkeyAlgo,  "disable-pubkey-algo", "@"),
   ARGPARSE_s_n (oAllowNonSelfsignedUID,      "allow-non-selfsigned-uid", "@"),
@@ -2279,6 +2281,10 @@ main (int argc, char **argv)
             fpr_maybe_cmd = 1;
             break;
 
+	  case oWithKeygrip:
+            opt.with_keygrip = 1;
+            break;
+
 	  case oSecretKeyring:
             /* Ignore this old option.  */
             break;
diff --git a/g10/keylist.c b/g10/keylist.c
index 254513a76..d144afc39 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -822,6 +822,17 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
   if (fpr)
     print_fingerprint (pk, 0);
 
+  if (opt.with_keygrip)
+    {
+      char *p;
+
+      if (!hexkeygrip_from_pk (pk, &p))
+        {
+          es_fprintf (es_stdout, "      Keygrip = %s\n", p);
+          xfree (p);
+        }
+    }
+
   /* FIXME: Change this function to take a PK and ask the agent:  */
   /* if (secret) print_card_serialno (sk); */
 
@@ -919,6 +930,16 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
               /* if (secret) */
               /*   print_card_serialno (sk2); */
             }
+          if (opt.with_keygrip)
+            {
+              char *p;
+              
+              if (!hexkeygrip_from_pk (pk2, &p))
+                {
+                  es_fprintf (es_stdout, "      Keygrip = %s\n", p);
+                  xfree (p);
+                }
+            }
 	  if (opt.with_key_data)
 	    print_key_data (pk2);
 	}
@@ -1131,14 +1152,15 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
   print_revokers (pk);
   if (fpr)
     print_fingerprint (pk, 0);
-  if (opt.with_key_data)
+  if (opt.with_key_data || opt.with_keygrip)
     {
       if (!hexkeygrip_from_pk (pk, &p))
         {
           es_fprintf (es_stdout, "grp:::::::::%s:\n", p);
           xfree (p);
         }
-      print_key_data (pk);
+      if (opt.with_key_data)
+        print_key_data (pk);
     }
 
   for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
@@ -1236,14 +1258,15 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
 	  es_putc ('\n', es_stdout);
 	  if (fpr > 1)
 	    print_fingerprint (pk2, 0);
-	  if (opt.with_key_data)
+	  if (opt.with_key_data || opt.with_keygrip)
             {
               if (!hexkeygrip_from_pk (pk2, &p))
                 {
                   es_fprintf (es_stdout, "grp:::::::::%s:\n", p);
                   xfree (p);
                 }
-              print_key_data (pk2);
+              if (opt.with_key_data)
+                print_key_data (pk2);
             }
 	}
       else if (opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE)
diff --git a/g10/options.h b/g10/options.h
index 968393257..499428e92 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -59,7 +59,8 @@ struct
   int check_sigs; /* check key signatures */
   int with_colons;
   int with_key_data;
-  int with_fingerprint; /* opt --with-fingerprint active */
+  int with_fingerprint; /* Option --with-fingerprint active.  */
+  int with_keygrip;     /* Option --with-keygrip active.  */
   int fingerprint; /* list fingerprints */
   int list_sigs;   /* list signatures */
   int no_armor;
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 9a68f8d43..e10bd3458 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,9 @@
+2010-10-08  Werner Koch  <wk@g10code.com>
+
+	* gpgsm.c: Add option --with-keygrip.
+	* gpgsm.h (struct opt): Add WITH_KEYGRIP.
+	* keylist.c (list_cert_std): Implement option.
+
 2010-09-16  Werner Koch  <wk@g10code.com>
 
 	* certchain.c (gpgsm_walk_cert_chain): Use GPG_ERR_MISSING_ISSUER_CERT.
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 226704a98..d1b09f422 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -143,6 +143,7 @@ enum cmd_and_opt_values {
   
   oWithFingerprint,
   oWithMD5Fingerprint,
+  oWithKeygrip,
   oAnswerYes,
   oAnswerNo,
   oKeyring,
@@ -371,6 +372,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oWithEphemeralKeys,  "with-ephemeral-keys", "@"),
   ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
   ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
+  ARGPARSE_s_n (oWithKeygrip,     "with-keygrip", "@"),
   ARGPARSE_s_s (oDisableCipherAlgo,  "disable-cipher-algo", "@"),
   ARGPARSE_s_s (oDisablePubkeyAlgo,  "disable-pubkey-algo", "@"),
   ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
@@ -1244,6 +1246,10 @@ main ( int argc, char **argv)
           opt.fingerprint++;
           break;
 
+        case oWithKeygrip:
+          opt.with_keygrip = 1;
+          break;
+
         case oOptions:
           /* config files may not be nested (silently ignore them) */
           if (!configfp)
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 4643fd168..9b7945f81 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -80,6 +80,8 @@ struct
   int with_md5_fingerprint; /* Also print an MD5 fingerprint for
                                standard key listings. */
 
+  int with_keygrip; /* Option --with-keygrip active.  */
+
   int armor;        /* force base64 armoring (see also ctrl.with_base64) */
   int no_armor;     /* don't try to figure out whether data is base64 armored*/
 
diff --git a/sm/keylist.c b/sm/keylist.c
index feb117d10..4f876ff60 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -1216,6 +1216,16 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
   es_fprintf (fp, "  fingerprint: %s\n", dn?dn:"error");
   xfree (dn);
 
+  if (opt.with_keygrip)
+    {
+      dn = gpgsm_get_keygrip_hexstring (cert);
+      if (dn)
+        {
+          es_fprintf (fp, "      keygrip: %s\n", dn);
+          xfree (dn);
+        }
+    }      
+
   if (have_secret)
     {
       char *cardsn;