scope of standard authority (was: Re: How to "activate" gpg.conf entries?)
Hauke Laging
mailinglisten at hauke-laging.de
Wed Jul 11 20:18:17 CEST 2012
Am Mi 11.07.2012, 13:57:58 schrieb David Shaw:
> For signing, it's not as simple - for example, there is
> no explicit recipient (and therefore no preference list) when signing
> without encrypting, such as is done on a mailing list.
Is there any reason why known recipients should not be considered when signing
only? I just noticed that gpg issues a warning if a recipient is given when
signing only. But instead the public key could be used for hash selection. To
avoid ambiguity this could fail if for any of the recipients the keys is
missing. The calling application could check in advance which recipients have
a key locally and only give those as recipients for the signing operation. As
this is already done for encrypted signatures the required code should already
be there.
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120711/8793b1b0/attachment.pgp>
More information about the Gnupg-users
mailing list