aboutsummaryrefslogtreecommitdiffstats
path: root/doc/gpg.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/gpg.texi')
-rw-r--r--doc/gpg.texi27
1 files changed, 17 insertions, 10 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 728f31426..7d0875644 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -198,16 +198,22 @@ files which don't begin with an encrypted message.
@item --verify
@opindex verify
-Assume that the first argument is a signed file or a detached signature
-and verify it without generating any output. With no arguments, the
-signature packet is read from STDIN. If only a sigfile is given, it may
-be a complete signature or a detached signature, in which case the
-signed stuff is expected in a file without the ".sig" or ".asc"
-extension. With more than 1 argument, the first should be a detached
-signature and the remaining files are the signed stuff. To read the
-signed stuff from STDIN, use @samp{-} as the second filename. For
-security reasons a detached signature cannot read the signed material
-from STDIN without denoting it in the above way.
+Assume that the first argument is a signed file and verify it without
+generating any output. With no arguments, the signature packet is
+read from STDIN. If only a one argument is given, it is expected to
+be a complete signature.
+
+With more than 1 argument, the first should be a detached signature
+and the remaining files ake up the the signed data. To read the signed
+data from STDIN, use @samp{-} as the second filename. For security
+reasons a detached signature cannot read the signed material from
+STDIN without denoting it in the above way.
+
+Note: If the option @option{--batch} is not used, @command{gpg}
+may assume that a single argument is a file with a detached signature
+and it will try to find a matching data file by stripping certain
+suffixes. Using this historical feature to verify a detached
+signature is strongly discouraged; always specify the data file too.
Note: When verifying a cleartext signature, @command{gpg} verifies
only what makes up the cleartext signed data and not any extra data
@@ -217,6 +223,7 @@ out the actual signed data; but there are other pitfalls with this
format as well. It is suggested to avoid cleartext signatures in
favor of detached signatures.
+
@item --multifile
@opindex multifile
This modifies certain other commands to accept multiple files for
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-18 20:17:07 +0000