Feature request: expand 'clean' to 'clean total'

Dirk Traulsen dirk.traulsen at lypso.de
Thu Oct 27 12:06:36 CEST 2005


Hi!
I first posted this under an old (but fitting) thread and got no 
response. Sorry, if you already read it.

Nowadays there are quite some keys, which have several hundred 
signatures on their UIDs. This is a good thing for the WoT, but it 
clutters the local keyrings, as normally you don't have most of these 
signing keys. If the keys on your keyring are completely trusted, you 
don't need the additional signatures. 
Until now there is the option 'clean sigs' under '--edit KEY', but it 
does only delete sigs, which can be verified by gpg through 
comparison with the corresponding signing key.

So here is my feature request:
Please make an option to delete signatures, for which there is no 
corresponding signing key on the local keyring.

David Shaw wrote:
> There is perhaps an argument to be made for a 
> "super clean" that does clean and also removes any
> signature where the signing key is
> not present (in fact, an early version of clean did that),
> but that's a different thing than clean.

I think there are so many commands and options, that it would be 
better to expand the name and not take a new one.

I suggest following solution: add a new option 'clean total' to the 
known options 'clean sigs' and 'clean uids'.

This could be the new part in the man-page:

===========Proposal for the man-page==============
clean     Cleans keys by removing unusable pieces.  This com-
          mand can be used to keep keys neat and  clean,  and
          it has no effect aside from that.

          sigs      Remove any signatures that are not usable
                    by the trust calculations.  For  example,
                    this  removes any signature that does not
                    validate.  It also removes any  signature
                    that  is superceded by a later signature,
                    or signatures that were revoked.

          uids      Compact  (by  removing   all   signatures
                    except  the  selfsig) any user ID that is
                    no  longer  usable  (e.g.   revoked,   or
                    expired).

          total     Remove like above any  unusable signature
                    and UID,  but  also  remove any signature
                    for which the signing key is not present.

If  invoked  with  no  arguments,  both `sigs' and `uids' are
cleaned.
If invoked without `total', only signatures for which the 
signing key is present can be evaluted.
===========Proposal for the man-page==============

What do you think about that, David?

I would really appreciate such a function and I think (hope), that 
I'm not the only one. Please consider to implement it.
As I cannot do it myself, maybe I can help with this proposal.

Dirk




More information about the Gnupg-users mailing list