Cleaning bad signatures
8 Dec 2000 09:50:55 -0000

I've started using gpg after a long no-pgp break.  Way too long
in fact.  While I generally like gpg more than pgp 5.x under
NetBSD, I have some questions.

One, does --check-sig actually remove bad signatures?  If
not, what does?  I'm getting tired of seeing warning
messages on my screen.

It would be a nice feature to _always_ be able to import
public keys when one has the secret key.  When I moved
things from pgp by importing my secret ring then my
public one, one key I had revoked a very long time ago
was not self-signed.  gpg didn't import it, which was
rather annoying.

It might be handy to have a --assign-ownertrust or
--show-ownertrust command that will scan the public keyring,
and for each key that is verified allow the ownertrust to be
assigned (if not already there) and to show the values

Lastly, do people see the need for a key server that allows
more control over how keys are presented to the outside world?
I'm considering writing one in my non-existant spare time,
and even though I'm largely to blame for the existing
keyserver key management, I think I can do it better if
I find the time.  :)


Archive is at - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to