Reading key capabilities information before importing a key

Hauke Laging mailinglisten at
Fri Apr 12 03:00:22 CEST 2013

Am Do 11.04.2013, 23:43:39 schrieb Werner Koch:
> On Thu, 11 Apr 2013 22:48, branko at said:
> > Btw, is there any particular reason why the gpg2 --with-colons
> > command does not list key capabilities?
> It can't do that because it does not do any signature verification.  For
> that we would need to look at the entire key and evaluate all packets.
> --list-packets or giving a key on the command line is nothing more than
> a simple dump of the packets without any signature verification.

That is an inconsistent explanation. If --list-packets "can" show data from 
signatures without checking the signatures then obviously --with-colons 
"could" do that as well. The only valid argument I can think of is that --
list-packets may be defined as "stupid dump" and --with-colons is defined as 
showing only validated data. But the latter is obviously not the case. So if 
subkeys and UIDs are shown without checking signatures why not show unverified 
signature data like the key capabilities?

Whether that would be worth the development effort is a different question, of 

PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130412/a08d2e8f/attachment.sig>

More information about the Gnupg-users mailing list