coping with unknown keywords on --status-fd
Werner Koch
wk at gnupg.org
Fri Sep 16 07:53:56 CEST 2016
On Thu, 15 Sep 2016 23:39, dkg at fifthhorseman.net said:
> What does "prepared to see" mean? does it mean "can safely ignore" ?
> Is this always going to be the case? If so, can we commit to it
"can safely ignore" is what I meant. Sure, there is a reason for some
keywords and applications should check whether it makes sense for them
to take them in account.
> Recent versions of GnuPG emit KEY_CONSIDERED status lines, which does
> seem like it could be safely ignored.
Right.
> emitting a new status line like KEY_KNOWN_BAD, during signature
> validation, but this would not be safe to ignore.
That would be a new feature of GnuPG and we can't expect that
applications can make use of them without knowing about that feature or
keyword.
> Or, would GnuPG emit a BADSIG instead of of a VALIDSIG in this case, in
> addition to a new KEY_KNOWN_BAD line?
Right, the existing status keywords won't go away. A precendece for
this is that we get a GOODSIG and a VALIDSIG status line for all good
signature. The information in GOODSIG were not sufficient and thus
VALIDSIG was later introduced.
> The clearer we are about what the project commits to going forward, the
> less brittle and more forward-compatible any downstream dependencies
> will be.
Suggestions for a better description are welcome.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20160916/70b402dd/attachment.sig>
More information about the Gnupg-devel
mailing list