1.3.6 cert signatures

David Shaw dshaw at jabberwocky.com
Wed Aug 4 00:17:14 CEST 2004

On Sun, Jul 25, 2004 at 05:30:01PM -0400, Atom 'Smasher' wrote:

> >>2) according to the 1.3.6 man page, "--ask-cert-level" should be on by
> >>default. that seems to be incorrect.
> >
> >Yes.  That's a documentation error.  --ask-cert-level is off by
> >default.
> ===================
> i would think the default should be to ask... new users won't know to set 
> an option, and experienced users can turn it off if they want.

The reasoning behind this is that new users seem to be confused by it.
They mistake it for something to do with the web of trust and don't
really know what to set it to.  There were also users who took it a
little too literally and started signing every key they saw with level
1 signatures.  It's really an experienced user thing, so we changed it
for 1.3.x to be off by default.


More information about the Gnupg-devel mailing list