[PATCH] improve documentation about VALIDSIG

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jul 7 18:00:16 CEST 2015


* doc/DETAILS: improve documentation about VALIDSIG

--

the claim that VALIDSIG is the same as GOODSIG is simply wrong.
Attempt to clarify it.  Also, the paragraph about primary-key-fpr and
sig-version was weirdly re-ordered during the org-mode conversion in
65eb98966a569a91c97d0c23ba5582a9a7558de0; repair it.

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
 doc/DETAILS | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/doc/DETAILS b/doc/DETAILS
index d1f7394..23a5420 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -408,12 +408,15 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
     - <sig-class>
     - [ <primary-key-fpr> ]
 
-    This status indicates that the signature is good. This is the same
-    as GOODSIG but has the fingerprint as the argument. Both status
-    lines are emitted for a good signature.  All arguments here are on
-    one long line.  sig-timestamp is the signature creation time in
-    seconds after the epoch. expire-timestamp is the signature
-    expiration time in seconds after the epoch (zero means "does not
+    This status indicates that the signature is cryptographically
+    valid. This similar to GOODSIG or EXPSIG or EXPKEYSIG or REVSIG
+    (depending on the date and the state of the signature and signing
+    key) but has the fingerprint as the argument. Multiple status
+    lines (VALIDSIG and the other appropriate *SIG status) are emitted
+    for a valid signature.  All arguments here are on one long line.
+    sig-timestamp is the signature creation time in seconds after the
+    epoch. expire-timestamp is the signature expiration time in
+    seconds after the epoch (zero means "does not
     expire"). sig-version, pubkey-algo, hash-algo, and sig-class (a
     2-byte hex value) are all straight from the signature packet.
     PRIMARY-KEY-FPR is the fingerprint of the primary key or identical
@@ -421,8 +424,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
     key without running gpg again for this purpose.
 
     The primary-key-fpr parameter is used for OpenPGP and not
-    class is not defined for CMS and currently set to 0 and 00.
     available for CMS signatures.  The sig-version as well as the sig
+    class is not defined for CMS and currently set to 0 and 00.
 
     Note, that *-TIMESTAMP may either be a number of seconds since
     Epoch or an ISO 8601 string which can be detected by the presence
-- 
2.1.4




More information about the Gnupg-devel mailing list