GPA `improvements'

Ingo Klöcker kloecker@kde.org
Sat Nov 9 17:36:02 2002 

--Boundary-02=_CdTz9xSw79WHiYn
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Saturday 09 November 2002 15:43, Miguel Coca wrote:
> On Sat, Nov 09, 2002 at 14:33:19 +0100, Ingo Kl=F6cker wrote:
> > On Saturday 09 November 2002 14:23, Miguel Coca wrote:
> > > So, for example, for key validity we don't make a distinction
> > > between "ultimate" and "full" trust, and there is no "marginal"
> > > level. Keys are either valid, unknown, or revoked/expired (i.e.
> > > not valid, but we tell the user why).
> >
> > I'm wondering what you display for invalid keys (i.e. keys which
> > are missing a self-signature).
>
> It's not valid, and it's not revoked nor expired, so it falls into
> the "Unknown" category.
>
> I could add a special case, along with revoked and expired, and say
> why it is not valid. But I think that "invalid" is not a good name
> for it. I mean, if we are talking about key "validity", all keys that
> are not valid, by definition, are invalid.

True.

> So it doesn't make sense to use "invalid" to mean just some of the
> non-valid keys. If someone can suggest a reasonable term for keys
> without a self-signature, that doesn't sound too confusing for new
> users, I'll add it to the list.

What about "incomplete"?

> But anyway, is it even possible to import an invalid key with gpgme?
> Certainly it isn't with a simple "gpg --import".

Apparently it's not even possible with "gpg --expert --import". But of=20
course one can simply delete the self-signature from an already=20
imported key.

"Disabled" is another key status which seems to be missing. I don't know=20
in which scenario one might want to disable a key (except for testing)=20
so it's not really that important. OTOH as long as the status is known=20
one shouldn't display the status as "Unknown". This could give the=20
false impression that GPA is incomplete.

Regards,
Ingo


--Boundary-02=_CdTz9xSw79WHiYn
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA9zTdCGnR+RTDgudgRAlsHAJ4uWaDgY6UJTxoMqmFDSeBBMA8xqgCeLobm
aY1ty9GavgFDcKX798t+/aE=
=3ZZN
-----END PGP SIGNATURE-----

--Boundary-02=_CdTz9xSw79WHiYn--