Signing a Key
Nicholas Cole
npcole at yahoo.co.uk
Sat Feb 5 18:39:41 CET 2005
--- David Shaw <dshaw at jabberwocky.com> wrote:
[snip]
> Similarly, by default GnuPG ignores 0x11 signatures.
> Like issuing them, this doesn't stopanyone from
> accepting 0x11 signatures. Any user who cares to
can
> opt-in via "--min-cert-level 1" and accept any
> signatures they like. Given that the whole point of
> an 0x11 signature is to say "I didn't check AT ALL",
> ignoring them by default is safer than accepting
them.
[snip]
Dear David,
Without wishing to question any of the defaults, which
I think make perfect sense, could I just point out
that the man page does not make it clear that level 0
signatures are ALWAYS accepted, regardless of the
min-cert-level? As I read it at the moment, it seems
to suggest that by default level 0 and level 1
signatures are both ignored, which I'm sure is not the
case.
Best,
N.
___________________________________________________________
ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com
More information about the Gnupg-users
mailing list