trust field for CMS
Werner Koch
wk at gnupg.org
Fri Dec 5 10:42:10 CET 2008
On Thu, 21 Aug 2008 16:20, bernhard at intevation.de said:
> What about using 'm' in CMS (X.509) to indicate that
> --disable-crl-checks OR --disable-policy-checks is active?
I do not think tha this is a good idea. For OpenPGP we have no way to
to check whether gpg has recently checked for a revocation certificate
and thus the behaviour would be different between OpenPGP and X.509: In
OpenPGP the 'm' describes a "marginally valid certificate" whereas in
X.509 it descrives, a "fully valid certificate", just not checked for
revocations.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-devel
mailing list