1 files changed, 17 insertions, 2 deletions

diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index a328ea5f0..364345741 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -408,6 +408,10 @@ Do not print a warning when the so called "secure memory" cannot be used.
 When running in server mode, append all logging output to @var{file}.
 Use @file{socket://} to log to socket.
 
+@item --log-time
+@opindex log-time
+Prefix all log output with a timestamp even if no log file is used.
+
 @end table
 
 
@@ -492,8 +496,10 @@ This usually means that Dirmngr is employed to search for the
 certificate.  Note that this option makes a "web bug" like behavior
 possible.  LDAP server operators can see which keys you request, so by
 sending you a message signed by a brand new key (which you naturally
-will not have on your local keybox), the operator can tell both your IP
-address and the time when you verified the signature.
+will not have on your local keybox), the operator can tell both your
+IP address and the time when you verified the signature.  Note that if
+CRL checking is not disabled issuer certificates are retrieved in any
+case using the caIssuers authorityInfoAccess method.
 
 
 @anchor{gpgsm-option --validation-model}
@@ -623,6 +629,15 @@ always listed in @option{--with-colons} mode.
 Include info about the presence of a secret key in public key listings
 done with @code{--with-colons}.
 
+@item --no-pretty-dn
+@opindex no-pretty-dn
+By default gpgsm prints distinguished names (DNs) like the Issuer or
+Subject in a more readable format (e.g. using a well defined order of
+the parts).  However, this format can't be used as input strings.
+This option reverts printing to standard RFC-2253 format and thus
+avoids the need to use --dump-cert or --with-colons to get the
+``real'' name.
+
 @end table
 
 @c *******************************************