Charles Mauch cmauch at
Fri Jul 8 03:25:51 CEST 2005

I was browsing through the gnupg manual the other day and was wondering
about what (if any) conventions are in use for the --sig-policy-url and
--cert-policy-url options.

From what I guess, --cert-policy-url should point to a textfile on a website
describing any details you noted when signing someone's key, for example at
a keysigning and type types of id presented, etc.

--sig-policy-url would is where I'm a little unsure.  Is this meant to point
to a url with the detached signature of the note listed in --cert-policy-url?  
I'm thinking that if I chose to use this, my signing commandline would
change to look something like:

gpg --cert-policy-url http://website/PGPLONGID \
 --sig-policy-url htpt://website/PGPLONGID.sig --sign-key KEYID

Or does --sig-policy-url point to a document (probably html) which describes
your procedure for keysignings, how you assign trust, etc?

Just trying to make sure I understand these options... Thanks...

Take it easy, [cmauch at]

Charles Mauch, FSF Apologist, Debian/Ubuntu/Gentoo user, etc.
Every message PGP or S/MIME signed to verify authenticity.

If PacMan had affected us as kids we'd be running around in dark rooms,
munching pills and listening to electronic music.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050707/d4e1ef2b/attachment.pgp

More information about the Gnupg-users mailing list