[git] GnuPG - branch, master, updated. gnupg-2.1.0-62-gf4ed04f
by Andre Heinecke
cvs at cvs.gnupg.org
Fri Dec 5 15:26:12 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via f4ed04fca8885301b567ec004ffff0d6e24f4611 (commit)
from 8720125f5a283ede34e52c2493b8a9b0226ae62c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f4ed04fca8885301b567ec004ffff0d6e24f4611
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Fri Dec 5 11:16:14 2014 +0100
Document no-allow-mark-trusted option
doc: Document no-allow-mark-trusted for gpg-agent
* doc/gpg-agent.texi: Change allow-mark-trusted doc to
no-allow-mark-trusted.
--
Since rev. 78a56b14 allow-mark-trusted is the default option
and was replaced by no-allow-mark-trusted to disable the
interactive prompt.
Signed-off-by: Andre Heinecke <aheinecke at intevation.de>
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 7523043..36bd0c2 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -350,12 +350,12 @@ descriptor has been set on a Windows platform, the Registry entry
the logging output.
- at anchor{option --allow-mark-trusted}
- at item --allow-mark-trusted
- at opindex allow-mark-trusted
-Allow clients to mark keys as trusted, i.e. put them into the
- at file{trustlist.txt} file. This is by default not allowed to make it
-harder for users to inadvertently accept Root-CA keys.
+ at anchor{option --no-allow-mark-trusted}
+ at item --no-allow-mark-trusted
+ at opindex no-allow-mark-trusted
+Do not allow clients to mark keys as trusted, i.e. put them into the
+ at file{trustlist.txt} file. This makes it harder for users to inadvertently
+accept Root-CA keys.
@anchor{option --allow-preset-passphrase}
@item --allow-preset-passphrase
@@ -650,11 +650,10 @@ administrator might have already entered those keys which are deemed
trustworthy enough into this file. Places where to look for the
fingerprint of a root certificate are letters received from the CA or
the website of the CA (after making 100% sure that this is indeed the
-website of that CA). You may want to consider allowing interactive
-updates of this file by using the @xref{option --allow-mark-trusted}.
-This is however not as secure as maintaining this file manually. It is
-even advisable to change the permissions to read-only so that this file
-can't be changed inadvertently.
+website of that CA). You may want to consider disallowing interactive
+updates of this file by using the @xref{option --no-allow-mark-trusted}.
+It might even be advisable to change the permissions to read-only so
+that this file can't be changed inadvertently.
As a special feature a line @code{include-default} will include a global
list of trusted certificates (e.g. @file{/etc/gnupg/trustlist.txt}).
@@ -751,7 +750,7 @@ again. Only certain options are honored: @code{quiet},
@code{verbose}, @code{debug}, @code{debug-all}, @code{debug-level},
@code{no-grab}, @code{pinentry-program}, @code{default-cache-ttl},
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
- at code{allow-mark-trusted}, @code{disable-scdaemon}, and
+ at code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
@code{disable-check-own-socket}. @code{scdaemon-program} is also
supported but due to the current implementation, which calls the
scdaemon only once, it is not of much use unless you manually kill the
-----------------------------------------------------------------------
Summary of changes:
doc/gpg-agent.texi | 23 +++++++++++------------
1 file changed, 11 insertions(+), 12 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list