clean sigs

Dirk Traulsen dirk.traulsen at lypso.de
Wed Oct 26 10:24:38 CEST 2005


Am 11 Sep 2005 um 23:01 hat David Shaw geschrieben:

> On Fri, Sep 09, 2005 at 09:59:53AM -0500, John Clizbe wrote:
> > David Shaw wrote:
> > > There is perhaps an argument to be made for a 
> > > "super clean" that does clean and also removes any
> > > signature where the signing key is
> > > not present (in fact, an early version of clean did that),
> > > but that's a different thing than clean.
> > 
> > Perhaps --scrub ?  --sanitize ?  --disinfect ?
> 
> I rather like "minimize", but this isn't really a minimal key
> (as it has signatures other than selfsigs).


I gave the naming some thought. Witty and funny names aside, I think 
there are so many commands and options, that it would be better to 
expand the name and not take a new one.
. 
I suggest following solution: a new option 'clean [total]'.

This could be the new part in the man-page:

=======Proposal==================

clean     Cleans keys by removing unusable pieces.  This com-
          mand can be used to keep keys neat and  clean,  and
          it has no effect aside from that.

          sigs      Remove any signatures that are not usable
                    by the trust calculations.  For  example,
                    this  removes any signature that does not
                    validate.  It also removes any  signature
                    that  is superceded by a later signature,
                    or signatures that were revoked.

          uids      Compact  (by  removing   all   signatures
                    except  the  selfsig) any user ID that is
                    no  longer  usable  (e.g.   revoked,   or
                    expired).

          total     Remove like above any  unusable signature
                    and UID,  but  also  remove any signature
                    for which the signing key is not present.

If  invoked  with  no  arguments,  both `sigs' and `uids' are
cleaned.
If invoked without `total', only signatures for which the 
signing key is present can be evaluted.

=======Proposal==================

What do you think about that, David?

I would really appreciate such a function and I'm sure, that I'm not 
the only one. Please consider to implement it.
As I cannot do it myself, maybe I can help with this proposal.

Dirk




More information about the Gnupg-users mailing list