[PATCH 2/2] with-fingerprint is automatic, and none is default keyid-format

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jan 28 00:07:02 CET 2016 

---
 doc/DETAILS   |  4 ++--
 doc/gpg.texi  | 16 +++++++++-------
 g10/gpg.c     |  3 +--
 g10/keyid.c   |  4 ++--
 g10/options.h |  1 -
 g10/pkclist.c | 12 ++++--------
 6 files changed, 18 insertions(+), 22 deletions(-)

diff --git a/doc/DETAILS b/doc/DETAILS
index 7d5a5a8..7bab5cd 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -20,7 +20,7 @@ parts of the external API for GPG and GPGSM.
   example:
 #+begin_example
 $ gpg --with-colons --list-keys \
-      --with-fingerprint --with-fingerprint wk at gnupg.org
+      --with-fingerprint wk at gnupg.org
 pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC:
 fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013:
 uid:f::::::::Werner Koch <wk at g10code.com>:
@@ -31,7 +31,7 @@ sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc:
 fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4:
 #+end_example
 
-The double =--with-fingerprint= prints the fingerprint for the subkeys
+The =--with-fingerprint= prints the fingerprint for the subkeys
 too.  Old versions of gpg used a slightly different format and required
 the use of the option =--fixed-list-mode= to conform to the format
 described here.
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 40eb8db..8fbb778 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -309,12 +309,11 @@ be used to locate a key.  Only public keys are listed.
 
 @item --fingerprint
 @opindex fingerprint
-List all keys (or the specified ones) along with their
-fingerprints. This is the same output as @option{--list-keys} but with
-the additional output of a line with the fingerprint. May also be
-combined with @option{--list-sigs} or @option{--check-sigs}.  If this
-command is given twice, the fingerprints of all secondary keys are
-listed too.
+List all keys (or the specified ones) along with the fingerprints of
+their subkeys. This is the same output as @option{--list-keys} but
+with the additional output of a line with the fingerprint for each
+subkey. May also be combined with @option{--list-sigs} or
+ at option{--check-sigs}.
 
 @item --list-packets
 @opindex list-packets
@@ -1602,7 +1601,10 @@ Select how to display key IDs. "short" is the traditional 8-character
 key ID. "long" is the more accurate (but less convenient)
 16-character key ID. Add an "0x" to either to include an "0x" at the
 beginning of the key ID, as in 0x99242560.  Note that this option is
-ignored if the option --with-colons is used.
+ignored if the option --with-colons is used.  The default is "none"
+because key IDs are rarely the best choice.  For cryptographically
+strong unique identifiers, use the fingerprint.  For human-memorable
+identifiers, use the User ID.
 
 @item --keyserver @code{name}
 @opindex keyserver
diff --git a/g10/gpg.c b/g10/gpg.c
index d660d47..699075b 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2238,7 +2238,7 @@ main (int argc, char **argv)
     opt.mangle_dos_filenames = 0;
     opt.min_cert_level = 2;
     set_screen_dimensions ();
-    opt.keyid_format = KF_SHORT;
+    opt.fingerprint = 1;
     opt.def_sig_expire = "0";
     opt.def_cert_expire = "0";
     set_homedir (default_homedir ());
@@ -2554,7 +2554,6 @@ main (int argc, char **argv)
             break;
 
 	  case oWithFingerprint:
-            opt.with_fingerprint = 1;
             opt.fingerprint++;
             break;
 	  case oWithICAOSpelling:
diff --git a/g10/keyid.c b/g10/keyid.c
index 0bbd05d..b02f046 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -284,7 +284,7 @@ format_keyid (u32 *keyid, int format, char *buffer, int len)
   if (format == KF_DEFAULT)
     format = opt.keyid_format;
   if (format == KF_DEFAULT)
-    format = KF_SHORT;
+    format = KF_NONE;
 
   switch (format)
     {
@@ -331,7 +331,7 @@ keystrlen(void)
 {
   int format = opt.keyid_format;
   if (format == KF_DEFAULT)
-    format = KF_SHORT;
+    format = KF_NONE;
 
   switch(format)
     {
diff --git a/g10/options.h b/g10/options.h
index f8550d1..774e15e 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -70,7 +70,6 @@ struct
   int with_colons;
   int with_key_data;
   int with_icao_spelling; /* Print ICAO spelling with fingerprints.  */
-  int with_fingerprint; /* Option --with-fingerprint active.  */
   int with_keygrip;     /* Option --with-keygrip active.  */
   int with_secret;      /* Option --with-secret active.  */
   int fingerprint; /* list fingerprints */
diff --git a/g10/pkclist.c b/g10/pkclist.c
index d9ada59..21fdacb 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -529,8 +529,7 @@ check_signatures_trust( PKT_signature *sig )
     {
       if( !opt.quiet )
         log_info(_("WARNING: Using untrusted key!\n"));
-      if (opt.with_fingerprint)
-        print_fingerprint (NULL, pk, 1);
+      print_fingerprint (NULL, pk, 1);
       goto leave;
     }
 
@@ -640,8 +639,7 @@ check_signatures_trust( PKT_signature *sig )
       write_status( STATUS_TRUST_NEVER );
       log_info(_("WARNING: We do NOT trust this key!\n"));
       log_info(_("         The signature is probably a FORGERY.\n"));
-      if (opt.with_fingerprint)
-        print_fingerprint (NULL, pk, 1);
+      print_fingerprint (NULL, pk, 1);
       rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
       break;
 
@@ -656,14 +654,12 @@ check_signatures_trust( PKT_signature *sig )
 
     case TRUST_FULLY:
       write_status( STATUS_TRUST_FULLY );
-      if (opt.with_fingerprint)
-        print_fingerprint (NULL, pk, 1);
+      print_fingerprint (NULL, pk, 1);
       break;
 
     case TRUST_ULTIMATE:
       write_status( STATUS_TRUST_ULTIMATE );
-      if (opt.with_fingerprint)
-        print_fingerprint (NULL, pk, 1);
+      print_fingerprint (NULL, pk, 1);
       break;
     }
 
-- 
2.7.0.rc3

More information about the Gnupg-devel mailing list