Using --output with --verify
Ben McGinnes
ben at adversary.org
Mon Sep 12 11:37:14 CEST 2016
On Thu, Sep 08, 2016 at 12:52:31AM +0200, Werner Koch wrote:
> Hi,
>
> it has been reported that --output has no effect if --verify is used to
> verify signed data. This is also what the man page says. However, in
> particular for binary signatures and clearsigs it is useful to get hold
> of the actual signed data.
>
> Thus I slightly changed the semantics of --verify to allow the use of
> --output. For example by using "--verify --output -" the signed text
> can be printed to stdout. This change (commit bbe940c) should not
> introduce problems but if it does, please tell us soon.
>
> The next step will be to add an --output option to gpgv.
Wouldn't it be better to output message data like that (basically
anything GPG might otherwise report to stdout or stderr) using a
different flag so that the same verification data could be captured
separately when verifying a signed and encrypted file as well?
Something like:
gpg --message msgreport.txt --output file.txt --decrypt file.txt.asc
That would also avoid confusion amongst end users regarding precisely
what the --output flag does and what the new function dows.
Regards,
Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: </pipermail/attachments/20160912/3741bd7e/attachment.sig>
More information about the Gnupg-devel
mailing list