Batch Signing

Chris Wilson chris at camcom.co.uk
Tue May 22 16:10:01 CEST 2001


Hi all,

First of all, thanks for GPG, it's great =)

In current versions (e.g. 1.0.5) it is impossible to do batch key
signatures. This is a real pain for us, because customers submit their
keys to us by Web form, and we want to send encrypted mail to them without
trust warnings and without having to sign them manually. Ideally we would
like a mode where GPG ignores the trust database and just encrypts
messages as told, but I'd guess that's a long way away... In the meantime
we are happy to sign keys we don't trust, although obviously that isn't
ideal.

In any case, although it appears that GPG was designed to support batch
signing (the sign_uids function checks for --batch together with --yes),
this was effectively disabled by an earlier test in keyedit_menu which
ensures that commands != NULL. I'm not sure why aLSignKey isn't a command
-- any takers? -- but anyway I think it should be safe to bypass this test
if sign_mode != 0.

I have attached a patch to make this change. Please let me know if this
will be incorporated into the main branch, so we can stop using custom
builds of gpg. If you have any questions, please feel free to e-mail me as
I'm not on the list.

Thanks again,

Chris.
--
   ___ __     _
 / __// / ,__(_)_  | Chris Wilson <chris at camcom.co.uk> | +44 1223 576 516 |
/ (_ / ,\/ _/ /_ \ | Lead Developer - Firewall Systems | www.camcom.co.uk |
\ _//_/_/_//_/___/ | Unix Systems and Network Engineer +-- Cambridge UK --+





More information about the Gnupg-devel mailing list