GPGME wishlist...

Robert J. Hansen rjhansen at
Mon May 27 14:23:02 CEST 2002

*  The terminology in the documentation is a little awkward when it comes 
to signatures (on keys/user IDs).  For instance, there's a section on 
"Trust Items"--well, yeah, signatures tell us if a key/userid is or isn't 
trusted... on the other hand, gpgme_key_get_string_attr says that it's 
used for "attributes of sub keys and user IDs", and a signature is an 
attribute of those, so... etc.  It appears that both interfaces are 
necessary to some degree, but the docs never make it clear to what degree 
each are necessary.

*  How to get key signature information is a little 
awkward/counterintuitive.  For instance, according to my current (limited) 
understanding of the interface, in order to process key signatures I must:

1.  call gpgme_op_trustlist_start, passing in a 16-hex key ID to uniquely 
identify the key I want to iterate over

2.  start pulling trust items off the key

3.  get each item's GPGME_ATTR_USERID

4.  ... and only then can I associate a given trust item with a given user 

Please note: I haven't written code that works this way yet.  This is just 
the way I understand it to be, from looking at the docs.  If I'm 
misunderstanding, then please take my idiocy as evidence the docs need to 
be written for congenital idiots such as myself (grin).  If I'm not 
misunderstanding the docs, then it seems like we're making the process 
tougher than it needs to be.

Possible solution: add a new function,

	GpgmeCtx ctx,
	const char *hexID,
	int userID,
	int max_level

... which would act just like gpgme_op_trustlist_start, except it would 
restrict the iteration to a given user ID.  This would make things a 
little easier for those of us who aren't geniuses.  :)

It's 6:20am and now I'm going to bed.  Thanks, guys.

More information about the Gnupg-devel mailing list