mirror of
git://git.gnupg.org/gnupg.git
synced 2024-11-09 21:28:51 +01:00
8a12a2000d
* sm/gpgsm.h (VALIDATE_FLAG_STEED): New. * sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed". * sm/server.c (option_handler): Allow validation model "steed". * sm/certlist.c (gpgsm_cert_has_well_known_private_key): New. * sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto. * sm/verify.c (gpgsm_verify): Return "steed" in the trust status line. * sm/keylist.c (list_cert_colon): Print the new 'w' flag. -- This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED. |
||
|---|---|---|
| .. | ||
| base64.c | ||
| call-agent.c | ||
| call-dirmngr.c | ||
| certchain.c | ||
| certcheck.c | ||
| certdump.c | ||
| certlist.c | ||
| certreqgen-ui.c | ||
| certreqgen.c | ||
| ChangeLog-2011 | ||
| decrypt.c | ||
| delete.c | ||
| encrypt.c | ||
| export.c | ||
| fingerprint.c | ||
| gpgsm.c | ||
| gpgsm.h | ||
| import.c | ||
| keydb.c | ||
| keydb.h | ||
| keylist.c | ||
| Makefile.am | ||
| minip12.c | ||
| minip12.h | ||
| misc.c | ||
| qualified.c | ||
| server.c | ||
| sign.c | ||
| verify.c | ||