aboutsummaryrefslogtreecommitdiffstats
path: root/doc/gpg.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/gpg.texi')
-rw-r--r--doc/gpg.texi43
1 files changed, 25 insertions, 18 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 1a3cb9e25..47aa0a4d0 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -616,7 +616,7 @@ Emit @var{count} random bytes of the given quality level 0, 1 or 2. If
@var{count} is not given or zero, an endless sequence of random bytes
will be emitted. If used with @option{--armor} the output will be
base64 encoded. The special level 16 uses a quality level of 1 and
-outpust end endless stream of hex-encoded octets. The special level
+outputs an endless stream of hex-encoded octets. The special level
30 outputs random as 30 zBase-32 characters.
@item --gen-prime @var{mode} @var{bits}
@@ -635,11 +635,11 @@ The @option{--dearmor} command can also be used to dearmor PEM armors.
@item --unwrap
@opindex unwrap
-This command is similar to @option{--decrypt} with the change that the
+This command is similar to @option{--decrypt} with the difference that the
output is not the usual plaintext but the original message with the
-decryption layer removed. Thus the output will be an OpenPGP data
+encryption layer removed. Thus the output will be an OpenPGP data
structure which often means a signed OpenPGP message. Note that this
-command may or may not remove a compression layer which is often found
+option may or may not remove a compression layer which is often found
beneath the encryption layer.
@item --tofu-policy @{auto|good|unknown|bad|ask@} @var{keys}
@@ -860,9 +860,10 @@ line.
@opindex keyedit:tsign
Make a trust signature. This is a signature that combines the notions
of certification (like a regular signature), and trust (like the
- "trust" command). It is generally only useful in distinct communities
- or groups. For more information please read the sections
- ``Trust Signature'' and ``Regular Expression'' in RFC-4880.
+ "trust" command). It is generally useful in distinct communities
+ or groups to implement the concept of a Trusted Introducer. For
+ more information please read the sections ``Trust Signature'' and
+ ``Regular Expression'' in RFC-4880.
@end table
@c man:.RS
@@ -1341,7 +1342,7 @@ Assume "no" on most questions. Should not be used in an option file.
@item --list-filter @{select=@var{expr}@}
@opindex list-filter
A list filter can be used to output only certain keys during key
-listsin command. For the availbale property names, see the description
+listing commands. For the available property names, see the description
of @option{--import-filter}.
@@ -1658,6 +1659,16 @@ for the BZIP2 compression algorithm (defaulting to 6 as well). This is a
different option from @option{--compress-level} since BZIP2 uses a
significant amount of memory for each additional compression level.
@option{-z} sets both. A value of 0 for @var{n} disables compression.
+A value of -1 forces compression using the default level.
+
+Except for the @option{--store} command compression is always used
+unless @command{gpg} detects that the input is already compressed. To
+inhibit the use of compression use @option{-z0}; to force compression
+use @option{-z-1} or option @option{z} with another compression level
+than the default as indicated by -1. Note that this overriding of the
+default deection works only with @option{z} and not with the long
+variant of this option.
+
@item --bzip2-decompress-lowmem
@opindex bzip2-decompress-lowmem
@@ -1754,7 +1765,8 @@ Set what trust model GnuPG should follow. The models are:
@item tofu
@opindex trust-model:tofu
@anchor{trust-model-tofu}
- TOFU stands for Trust On First Use. In this trust model, the first
+ TOFU stands for Trust On First Use. In this experimental trust
+ model, the first
time a key is seen, it is memorized. If later another key with a
user id with the same email address is seen, both keys are marked as
suspect. In that case, the next time either is used, a warning is
@@ -1803,7 +1815,8 @@ Set what trust model GnuPG should follow. The models are:
@item tofu+pgp
@opindex trust-model:tofu+pgp
- This trust model combines TOFU with the Web of Trust. This is done
+ This experimental trust model combines TOFU with the Web of Trust.
+ This is done
by computing the trust level for each model and then taking the
maximum trust level where the trust levels are ordered as follows:
@code{unknown < undefined < marginal < fully < ultimate < expired <
@@ -2048,7 +2061,7 @@ are available for all keyserver types, some common options are:
The default list of options is: "self-sigs-only, import-clean,
repair-keys, repair-pks-subkey-bug, export-attributes". However, if
the actual used source is an LDAP server "no-self-sigs-only" is
-assumed unless "self-sigs-only" has been explictly configured.
+assumed unless "self-sigs-only" has been explicitly configured.
@item --completes-needed @var{n}
@@ -3546,13 +3559,7 @@ signatures made using SHA-1, those key signatures are considered
invalid. This options allows to override this restriction.
@item --override-compliance-check
-@opindex --override-compliance-check
-The signature verification only allows the use of keys suitable in the
-current compliance mode. If the compliance mode has been forced by a
-global option, there might be no way to check certain signature. This
-option allows to override this and prints an extra warning in such a
-case. This option is ignored in --batch mode so that no accidental
-unattended verification may happen.
+This was a temporary introduced option and has no more effect.
@item --no-default-keyring
@opindex no-default-keyring
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 05:13:59 +0000