2 FAQs

Michael Nahrath gnupg-users@nahrath.de
Thu Dec 5 22:44:02 2002


David Shaw <dshaw@jabberwocky.com> wrote on 2002-12-05 at 20:45:


>> sig!2   P    C9541FB2 2002-06-29   Douglas F. Calvert <dfc@anize.org>
>>    ^^^^^^^^^^ 
>> Between the "sig" and the 8-byte Key-ID there are 10 characters of space.
>> 
>> Where do I find a complete compilation of all possible values they can take
>> and their meaning?
> 
> "sig", followed by:
> 
> 1. ! for good sig, - for bad sig, % for error, and blank for no public
>  key available to verify sig.

... only displayed at --check-sigs, not at --list-sigs
 
> 2. 1-3, giving the verification level of the key.  This is just
>  cosmetic (a note from the signer to you) and has no bearing on
>  whether the key is trusted or not.

Good to know, especially when it comes to robot-sigs ...
 
> 5. P if a policy URL exists on this signature, blank if not.

gpg --check-sigs --show-policy-url 13300731

as an example. Nice!

Is there a way to "tune up" an already given signature?
  
> 6. N if a notation exists on this signature, blank if not.

gpg --check-sigs --show-notation

Don't have an example for this in my keyring.
 
> 8. 1-9 if this is a trust signature, or "T" if the trust signature
>  depth is greater than 9.  Blank if not a trust signature.  (GnuPG
>  1.3.x only).

Is this new to GPG only?
I have found this value set on quite old keys:

pub   1024R/BB1D9F6D 1997-03-04 ct magazine CERTIFICATE <pgpCA@ct.heise.de>
sig!       1 B3B2A12C 1999-05-12 ct magazine CERTIFICATE <pgpCA@ct.heise.de>

>> The second character after the "sig" is new since GPG 1.0.7 and indicates
>> the quality of a signature. Where can I get more information about this new
>> model? 
>> I haven't found anything about this except the release notes for 1.0.7 and
>> the dialogs inside the program and those are rather short.
> 
> Make a signature, and when it asks you for the level, enter a '?'.

:-)

Some more FAQ style questions:

Signatures made by GPG 1.0.7 and later often have a number that expresses
how well identity checking had been done before signing.
Are those signatures better than the old ones without a number?

Can I update signatures I made on others' keys with earlier versions of GPG
or PGP to include such a number (it should remain the same signature,
not a second one)?

I signed someone's key with sig!1 some time ago. In the meantime I got to
know him really well and had occasion for a thorough identity check.
Can I update this (same) signature to sig!3 ?

Greeting, Michi