cmauch at gmail.com
Mon Jul 4 04:28:50 CEST 2005
Could someone explain to me the practical differences between
--sig-policy-url and --cert-policy-url?
The manpage for GnuPG says
Use string as a Policy URL for signatures (rfc2440:18.104.22.168). If you
prefix it with an exclamation mark (!), the policy URL packet will be
flagged as critical. --sig-policy-url sets a policy url for data
signatures. --cert-policy-url sets a policy url for key signatures
(certifications). --set-pol‐ icy-url sets both. The same %-expandos used
for notation data are available here as well.
I ask because i'm guessing that the --sig-policy points to a document that
describes your personal keysigning policies, and --cert-policy would point
to the notes that describe the validity and process you went through to
validate someone's identity and match it to their fingerprint.
Am I right? Is this just one of many interpretations?
When would one need to use the critical flag?
Take it easy, [cmauch at taclug.org]
Charles Mauch, FSF Apologist, Debian/Ubuntu/Gentoo user, etc.
Every message PGP or S/MIME signed to verify authenticity.
Many Bothans died to bring you this information.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050703/c2029ec4/attachment.pgp
More information about the Gnupg-users