coping with unknown keywords on --status-fd

Werner Koch wk at
Fri Sep 16 07:53:56 CEST 2016

On Thu, 15 Sep 2016 23:39, dkg at said:

> What does "prepared to see" mean?  does it mean "can safely ignore" ?
> Is this always going to be the case?  If so, can we commit to it

"can safely ignore" is what I meant.  Sure, there is a reason for some
keywords and applications should check whether it makes sense for them
to take them in account.

> Recent versions of GnuPG emit KEY_CONSIDERED status lines, which does
> seem like it could be safely ignored.


> emitting a new status line like KEY_KNOWN_BAD, during signature
> validation, but this would not be safe to ignore.

That would be a new feature of GnuPG and we can't expect that
applications can make use of them without knowing about that feature or

> Or, would GnuPG emit a BADSIG instead of of a VALIDSIG in this case, in
> addition to a new KEY_KNOWN_BAD line?

Right, the existing status keywords won't go away.  A precendece for
this is that we get a GOODSIG and a VALIDSIG status line for all good
signature.  The information in GOODSIG were not sufficient and thus
VALIDSIG was later introduced.

> The clearer we are about what the project commits to going forward, the
> less brittle and more forward-compatible any downstream dependencies
> will be.

Suggestions for a better description are welcome.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20160916/70b402dd/attachment.sig>

More information about the Gnupg-devel mailing list