dirk.traulsen at lypso.de
Sat Sep 10 14:21:24 CEST 2005
Am 9 Sep 2005 um 10:46 hat David Shaw geschrieben:
> Unfortunately not, because without the signing key, gpg can't tell if
> a signature is valid or not. If there is no way to tell if a
> signature is valid then the wrong thing might happen in cleaning.
> Here's an example:
> signature 1 from key 12345678 is dated January 1, 2000.
> signature 2 from key 12345678 is dated January 1, 2001.
> It would seem obvious that signature 1 should be removed... but in
> fact, signature 1 is valid, and signature 2 is a forgery. If gpg
> removes signature 1, then the forger who created signature 2
> effectively "revoked" signature 1. Only if the signing key 12345678
> is present can gpg tell which is the real signature.
Ok, now I understand. Maybe it would be helpful to write it in the
man page, that you need the key for cleaning.
> There is perhaps an argument to be made for a "super clean" that does
> clean and also removes any signature where the signing key is not
> present (in fact, an early version of clean did that), but that's a
> different thing than clean.
I think, it would be a good thing to have, especially if you have
limited space. The name is funny too.
Thank you for your help
More information about the Gnupg-users