fingerprint of key
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Aug 15 01:50:04 CEST 2017
On Mon 2017-08-14 19:03:19 -0300, Duane Whitty wrote:
> I did not and still do not want to import the oracle_vbox public key
> into my key ring. I am happy to download it and check it each time.
I think this is an interesting choice, but i don't understand why you've
made it. Can you say more about why you don't want to import the key,
and why you prefer to fetch it each time?
> Before I go down the road on offering an opinion on how the man page
> should be "fixed" (maybe it's not really broken) can you explain why
> it would be bad to let gpg generate and display the fingerprint of a
> key in an ascii armoured file?
I'm not saying it's "bad" -- it's just not what --fingerprint does.
List all keys (or the specified ones) along with their finger‐
prints. This is the same output as --list-keys but with the
additional output of a line with the fingerprint. May also be
combined with --list-signatures or --check-signatures. If this
command is given twice, the fingerprints of all secondary keys
are listed too. This command also forces pretty printing of
fingerprints if the keyid format has been set to "none".
So it's like --list-keys, which says:
List the specified keys. If no keys are specified, then all
keys from the configured public keyrings are listed.
in other words (or maybe it's not as explicitly stated as it should be),
"list all the keys in your keyring that match the specification". This
command is not intended for listing fingerprints of keys that come in on
stdin, or of an external file.
That said, you could combine it with:
--no-default-keyring --keyring /path/to/file.gpg
(as long as the file wasn't ascii-armored, and as long as you weren't
concerned about updating your trustdb by accident, etc).
Again, i'm not saying this is particularly user-friendly, i'm just
trying to help you understand the current state of the tool.
If you have specific suggestions for how to improve the tool, please
More information about the Gnupg-users