Signing a Key

Nicholas Cole npcole at yahoo.co.uk
Sat Feb 5 18:39:41 CET 2005


 --- David Shaw <dshaw at jabberwocky.com> wrote: 

[snip]

> Similarly, by default GnuPG ignores 0x11 signatures.
> Like issuing them, this doesn't stopanyone from
> accepting 0x11 signatures.  Any user who cares to
can
> opt-in via "--min-cert-level 1" and accept any
> signatures they like.  Given that the whole point of
> an 0x11 signature is to say "I didn't check AT ALL",
> ignoring them by default is safer than accepting
them.

[snip]

Dear David,

Without wishing to question any of the defaults, which
I think make perfect sense, could I just point out
that the man page does not make it clear that level 0
signatures are ALWAYS accepted, regardless of the
min-cert-level?  As I read it at the moment, it seems
to suggest that by default level 0 and level 1
signatures are both ignored, which I'm sure is not the
case.

Best, 

N.


	
	
		
___________________________________________________________ 
ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com



More information about the Gnupg-users mailing list