trust field for CMS

Bernhard Reiter bernhard at
Fri Dec 12 08:49:06 CET 2008

Am Freitag, 5. Dezember 2008 10:42:10 schrieb Werner Koch:
> On Thu, 21 Aug 2008 16:20, bernhard at said:
> > What about using 'm' in CMS (X.509) to indicate that
> > --disable-crl-checks OR --disable-policy-checks is active?
> I do not think tha this is a good idea.  For OpenPGP we have no way to
> to check whether gpg has recently checked for a revocation certificate
> and thus the behaviour would be different between OpenPGP and X.509: In
> OpenPGP the 'm' describes a "marginally valid certificate" whereas in
> X.509 it descrives, a "fully valid certificate", just not checked for
> revocations.

Yes, I agree that it is different.
I was wondering how this status could be communicated 
and what "marginally valid certificate" translated to in client action.
So I saw the coindicence.

Managing Director - Owner:       (Free Software Company)
Germany Coordinator: Coordinator:
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20081212/a78adc2d/attachment.pgp>

More information about the Gnupg-devel mailing list