diff --git a/g10/ChangeLog b/g10/ChangeLog
index 96e18b19f..fba2677f3 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,14 @@
+2003-07-01  David Shaw  <dshaw@jabberwocky.com>
+
+	* misc.c (pct_expando): Add two new expandos - signer's
+	fingerprint (%g), and signer's primary fingerprint (%p).
+
+	* tdbio.h, tdbio.c (create_version_record, tdbio_write_nextcheck,
+	tdbio_read_record, tdbio_write_record): Force a 0 into the
+	trust_model field.  This is to help smooth the 1.2->1.4
+	switchover, as otherwise a 1.4 trustdb could be rebuilt as classic
+	on 1.2 while still claiming to be a non-classic trust model.
+
 2003-06-26  David Shaw  <dshaw@jabberwocky.com>
 
 	* keyserver.c (keyserver_spawn): Use ascii_isspace instead of
diff --git a/g10/misc.c b/g10/misc.c
index 24e258d89..464697ddf 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -320,6 +320,8 @@ pct_expando(const char *string,struct expando_args *args)
   if(args->sk)
     keyid_from_sk(args->sk,sk_keyid);
 
+  /* This is used so that %k works in photoid command strings in
+     --list-secret-keys (which of course has a sk, but no pk). */
   if(!args->pk && args->sk)
     keyid_from_sk(args->sk,pk_keyid);
 
@@ -381,16 +383,31 @@ pct_expando(const char *string,struct expando_args *args)
 		}
 	      break;
 
-	    case 'f': /* fingerprint */
+	    case 'p': /* primary pk fingerprint of a sk */
+	    case 'f': /* pk fingerprint */
+	    case 'g': /* sk fingerprint */
 	      {
 		byte array[MAX_FINGERPRINT_LEN];
 		size_t len;
 		int i;
 
-		if(args->pk)
+		if((*(ch+1))=='p' && args->sk
+		   && (args->sk->main_keyid[0] || args->sk->main_keyid[1]))
+		  {
+		    PKT_public_key *pk=m_alloc_clear(sizeof(PKT_public_key));
+
+		    if(get_pubkey_fast(pk,args->sk->main_keyid)==0)
+		      fingerprint_from_pk(pk,array,&len);
+		    else
+		      memset(array,0,(len=MAX_FINGERPRINT_LEN));
+		    free_public_key(pk);
+		  }
+		else if((*(ch+1))=='f' && args->pk)
 		  fingerprint_from_pk(args->pk,array,&len);
+		else if((*(ch+1))=='g' && args->sk)
+		  fingerprint_from_sk(args->sk,array,&len);
 		else
-		  memset(array,0, (len=MAX_FINGERPRINT_LEN));
+		  memset(array,0,(len=MAX_FINGERPRINT_LEN));
 
 		if(idx+(len*2)<maxlen)
 		  {
diff --git a/g10/tdbio.c b/g10/tdbio.c
index d5e01238c..7a5d85d77 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -432,6 +432,7 @@ create_version_record (void)
   rec.r.ver.marginals  = opt.marginals_needed;
   rec.r.ver.completes  = opt.completes_needed;
   rec.r.ver.cert_depth = opt.max_cert_depth;
+  rec.r.ver.trust_model= 0;
   rec.rectype = RECTYPE_VER;
   rec.recnum = 0;
   rc = tdbio_write_record( &rec );
@@ -687,10 +688,16 @@ tdbio_write_nextcheck (ulong stamp)
 	log_fatal( _("%s: error reading version record: %s\n"),
 				       db_name, g10_errstr(rc) );
 
-    if (vr.r.ver.nextcheck == stamp)
+    if (vr.r.ver.nextcheck == stamp && vr.r.ver.trust_model == 0)
       return 0;
 
     vr.r.ver.nextcheck = stamp;
+    /* Force this to the classic trustdb since that is what we are
+       building.  This is to help smooth the 1.2->1.4 switchover, as
+       otherwise a 1.4 trustdb could be rebuilt as classic on 1.2
+       while still claiming to be a non-classic trust model. */
+    vr.r.ver.trust_model = 0;
+
     rc = tdbio_write_record( &vr );
     if( rc )
 	log_fatal( _("%s: error writing version record: %s\n"),
@@ -1169,10 +1176,8 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
 	rec->r.ver.marginals = *p++;
 	rec->r.ver.completes = *p++;
 	rec->r.ver.cert_depth = *p++;
-	/* Warning - one byte of this is used in the devel version.
-	   If you change this, make sure to consult the same code in
-	   devel. */
-	p += 4; /* lock flags */
+	rec->r.ver.trust_model = *p++;
+	p += 3;
 	rec->r.ver.created  = buftoulong(p); p += 4;
 	rec->r.ver.nextcheck = buftoulong(p); p += 4;
 	p += 4;
@@ -1257,10 +1262,8 @@ tdbio_write_record( TRUSTREC *rec )
 	*p++ = rec->r.ver.marginals;
 	*p++ = rec->r.ver.completes;
 	*p++ = rec->r.ver.cert_depth;
-	/* Warning - one byte of this is used in the devel version.
-	   If you change this, make sure to consult the same code in
-	   devel. */
-	p += 4; /* skip lock flags */
+	*p++ = rec->r.ver.trust_model;
+	p += 3;
 	ulongtobuf(p, rec->r.ver.created); p += 4;
 	ulongtobuf(p, rec->r.ver.nextcheck); p += 4;
 	p += 4;
diff --git a/g10/tdbio.h b/g10/tdbio.h
index 898b800b2..dd0ad99ab 100644
--- a/g10/tdbio.h
+++ b/g10/tdbio.h
@@ -54,6 +54,7 @@ struct trust_record {
 	    byte  marginals;
 	    byte  completes;
 	    byte  cert_depth;
+	    byte  trust_model;
 	    ulong created;   /* timestamp of trustdb creation  */
 	    ulong nextcheck; /* timestamp of next scheduled check */
 	    ulong reserved;