[PATCH 5/5] gpg: Fix regexp sanitization.
Neal H. Walfield
neal at walfield.org
Wed Jul 19 15:45:35 CEST 2017
At Wed, 19 Jul 2017 15:07:22 +0200,
Damien Goutte-Gattat wrote:
> > I don't see how and why we should do any sane sanitization at all.
> For what is worth, I tend to agree. But I won't pretend I have
> seriously considered all the implications.
I think trust signatures are very useful from an organizational
perspective, but are completely under used.
I think it is worth exploring what the implications of any change in
behavior are. A good start would be finding all trust sigs with a
non-empty regex in a key server dump so that we can see how people are
actually using them in practice. (I suspect there aren't that many.)
More information about the Gnupg-devel