mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: New import and keyserver option "self-sigs-only"
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--
This option is intended to help against importing keys with many bogus
key-signatures. It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.
GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 15a425a1df)
This commit is contained in:
Werner Koch
parent
15a425a1df
commit
adb120e663
3 changed files with 47 additions and 2 deletions
|
|
@ -2327,6 +2327,14 @@ opposite meaning. The options are:
|
|||
on the keyring. This option is the same as running the @option{--edit-key}
|
||||
command "clean" after import. Defaults to no.
|
||||
|
||||
@item self-sigs-only
|
||||
Accept only self-signatures while importing a key. All other
|
||||
key-signatures are skipped at an early import stage. This option
|
||||
can be used with @code{keyserver-options} to mitigate attempts to
|
||||
flood a key with bogus signatures from a keyserver. The drawback is
|
||||
that all other valid key-signatures, as required by the Web of Trust
|
||||
are also not imported.
|
||||
|
||||
@item repair-keys
|
||||
After import, fix various problems with the
|
||||
keys. For example, this reorders signatures, and strips duplicate
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue