mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Document --auto-issuer-key-retrieve.
This commit is contained in:
parent
55ba204bfa
commit
c1270f06fe
9
TODO
9
TODO
@ -129,3 +129,12 @@
|
||||
This may happen and lead to an Ambiguous Name error. Solution is to
|
||||
check the certs for identity before throwing this error.
|
||||
|
||||
* Gpg-Agent Locale
|
||||
Although we pass LC_MESSAGE from gpgsm et al. to Pinentry, this has
|
||||
only an effect on the stock GTK strings (e.g. "OK") and not on any
|
||||
strings gpg-agent generates and passes to Pinentry. This defeats
|
||||
our design goal to allow changing the locale without changing
|
||||
gpg-agent's default locale (e.g. by the command updatestartuptty).
|
||||
|
||||
|
||||
|
||||
|
@ -1,3 +1,8 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgsm.texi (Certificate Options): Document
|
||||
--auto-issuer-key-retrieve.
|
||||
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.texi (GPG Configuration): Add PINENTRY_USER_DATA.
|
||||
|
@ -554,6 +554,7 @@ more arguments in future versions.
|
||||
8 := "Policy mismatch"
|
||||
9 := "Not a secret key"
|
||||
10 := "Key not trusted"
|
||||
11 := "Missing certifciate" (e.g. intermediate or root cert.)
|
||||
|
||||
Note that this status is also used for gpgsm's SIGNER command
|
||||
where it relates to signer's of course.
|
||||
|
@ -405,7 +405,7 @@ command. This option should not be used in a configuration file.
|
||||
@itemx --disable-ocsp
|
||||
@opindex enable-ocsp
|
||||
@opindex disable-ocsp
|
||||
Be default @acronym{OCSP} checks are disabled. The enable opton may
|
||||
Be default @acronym{OCSP} checks are disabled. The enable option may
|
||||
be used to enable OCSP checks via Dirmngr. If @acronym{CRL} checks
|
||||
are also enabled, CRLs will be used as a fallback if for some reason an
|
||||
OCSP request won't succeed. Note, that you have to allow OCSP
|
||||
@ -413,6 +413,17 @@ requests in Dirmngr's configuration too (option
|
||||
@option{--allow-ocsp} and configure dirmngr properly. If you don't do
|
||||
so you will get the error code @samp{Not supported}.
|
||||
|
||||
@item --auto-issuer-key-retrieve
|
||||
@opindex auto-issuer-key-retrieve
|
||||
If a required certificate is missing while validating the chain of
|
||||
certificates, try to load that certificate from an external location.
|
||||
This usually means that Dirmngr is employed t search for the
|
||||
certificate. Note that this option makes a "web bug" like behavior
|
||||
possible. LDAP server operators can see which keys you request, so by
|
||||
sending you a message signed by a brand new key (which you naturally
|
||||
will not have on your local keybox), the operator can tell both your IP
|
||||
address and the time when you verified the signature.
|
||||
|
||||
|
||||
@item --validation-model @var{name}
|
||||
@opindex validation-model
|
||||
|
@ -1,5 +1,7 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* server.c (cmd_recipient, cmd_signer): Add error reason 11.
|
||||
|
||||
* gpgsm.c (main): Print a warning if --audit-log is used.
|
||||
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
@ -359,7 +359,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
|
||||
{
|
||||
ksba_cert_t cert2 = NULL;
|
||||
|
||||
/* If this is the first possible duplicate, add thye orginal
|
||||
/* If this is the first possible duplicate, add the original
|
||||
certificate to our list of duplicates. */
|
||||
if (!dup_certs)
|
||||
gpgsm_add_cert_to_certlist (ctrl, cert, &dup_certs, 0);
|
||||
|
@ -380,6 +380,7 @@ cmd_recipient (assuan_context_t ctx, char *line)
|
||||
r == GPG_ERR_NO_CRL_KNOWN? "6":
|
||||
r == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
r == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
r == GPG_ERR_MISSING_CERT? "11":
|
||||
"0",
|
||||
line, NULL);
|
||||
}
|
||||
@ -425,6 +426,7 @@ cmd_signer (assuan_context_t ctx, char *line)
|
||||
r == GPG_ERR_CRL_TOO_OLD? "7":
|
||||
r == GPG_ERR_NO_POLICY_MATCH? "8":
|
||||
r == GPG_ERR_NO_SECKEY? "9":
|
||||
r == GPG_ERR_MISSING_CERT? "11":
|
||||
"0",
|
||||
line, NULL);
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user