Signing a Key
David Shaw
dshaw at jabberwocky.com
Sat Feb 5 20:38:18 CET 2005
On Sat, Feb 05, 2005 at 05:39:41PM +0000, Nicholas Cole wrote:
> --- David Shaw <dshaw at jabberwocky.com> wrote:
>
> [snip]
>
> > Similarly, by default GnuPG ignores 0x11 signatures.
> > Like issuing them, this doesn't stopanyone from
> > accepting 0x11 signatures. Any user who cares to
> can
> > opt-in via "--min-cert-level 1" and accept any
> > signatures they like. Given that the whole point of
> > an 0x11 signature is to say "I didn't check AT ALL",
> > ignoring them by default is safer than accepting
> them.
>
> [snip]
>
> Dear David,
>
> Without wishing to question any of the defaults, which
> I think make perfect sense, could I just point out
> that the man page does not make it clear that level 0
> signatures are ALWAYS accepted, regardless of the
> min-cert-level? As I read it at the moment, it seems
> to suggest that by default level 0 and level 1
> signatures are both ignored, which I'm sure is not the
> case.
You're right. The manual is misleading on this point. I'll fix it.
David
More information about the Gnupg-users
mailing list