warner at lothar.com
Sun Sep 20 20:55:14 CEST 1998
-----BEGIN PGP SIGNED MESSAGE-----
I've gotten the mailcrypt+gpg code basically working, and have sent it to the
mailcrypt maintainer for inclusion in the next release. In working on it,
I came across a number of enhancements to GPG that would make --batch control
much easier. (listed by decreasing significance)
1. Encrypting to a key that is not fully trusted in --batch mode causes that
key to be dropped from the recipient list. --yes should cause gpg to use
the key anyway. (without --batch the user is warned and asked if the key
should be used anyway, although the name of the key is not printed so it
is hard to figure out which key has the problem). It would be handy if
untrusted keys in --batch mode without --yes were listed on stderr, with a
message about what the problem was, causing an error return
status. Something like:
gpg: foo: no valid trust path
2. "--passphrase-fd 0" is unimplemented. My workaround is to use a perl
script that looks for this in the argument list and creates a pipe to
itself to send the passphrase to a different fd, then exec's the real
GPG. It works, but it would be great to not have to install a wrapper.
The basic problem is that emacs-lisp doesn't provide a way to write to
any file descriptor other than a subprocess' stdin.
3. giving a hex keyid for -r or -u that is the wrong type of subkey should
just use the right subkey for the operation. In particular the primary
keyid should be useable for everything, since the primary keyid is the
easiest value to get by parsing the output of --list-keys.
4. --import from a file that contains multiple key block messages seems to
quit after the first one. All blocks should be imported.
5. There should be a way to drive --edit-key from a system() call. The Gnome
PGP graphical front end <http://maxcom.ml.org/gpgp/>, which uses GPG
despite the name, would probably benefit from this.
warner at lothar.com
-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.4.0 (GNU/Linux)
Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/
-----END PGP SIGNATURE-----
More information about the Gnupg-devel