GPGME recipients Q: is this a bug or a feature?

Robert J. Hansen rjhansen at
Fri Jun 28 16:36:01 CEST 2002

> In general it does not make sense to encrypt something to a recipeint
> you don't trust.  The way to overcome this is by signing the
> recipeints key locally.

It seems like there's a pretty bad clash of policies here.  GPG's policy
is, "we can still work if it's untrusted", and GPGME's is "we can't work
if it's untrusted".  It would be good, IMO, if GPGME's policy on the
matter were to reflect GPG's policy on the matter, regardless of what
that policy actually is.

Geek Code: GAT d- s+:+ a27 C++(+++)$ ULB++>++++ P++ L+++>++++ E W+ N+ w
           PS+ PE++ Y++ PGP++ t+ 5++ X-- R tv b+++ DI++ D--- G+ e++ h*
           r* y+* 

More information about the Gnupg-devel mailing list