diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/DETAILS | 23 | ||||
| -rw-r--r-- | doc/gpg.texi | 22 | ||||
| -rw-r--r-- | doc/scdaemon.texi | 2 | ||||
| -rw-r--r-- | doc/tools.texi | 2 |
4 files changed, 38 insertions, 11 deletions
diff --git a/doc/DETAILS b/doc/DETAILS index e7567f7e3..eb6d7dd4b 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -59,6 +59,7 @@ described here. - uat :: User attribute (same as user id except for field 10). - sig :: Signature - rev :: Revocation signature + - rvs :: Recocation signature (standalone) [since 2.2.9] - fpr :: Fingerprint (fingerprint is in field 10) - pkd :: Public key data [*] - grp :: Keygrip @@ -179,6 +180,9 @@ described here. revocation key is also given here, 'x' and 'l' is used the same way. This field if not used for X.509. + "rev" and "rvs" may be followed by a comma and a 2 digit hexnumber + with the revocation reason. + *** Field 12 - Key capabilities The defined capabilities are: @@ -207,12 +211,13 @@ described here. For "uid" records this field lists the preferences in the same way gpg's --edit-key menu does. - For "sig" records, this is the fingerprint of the key that issued - the signature. Note that this may only be filled if the signature - verified correctly. Note also that for various technical reasons, - this fingerprint is only available if --no-sig-cache is used. - Since 2.2.7 this field will also be set if the key is missing but - the signature carries an issuer fingerprint as meta data. + For "sig", "rev" and "rvs" records, this is the fingerprint of the + key that issued the signature. Note that this may only be filled + if the signature verified correctly. Note also that for various + technical reasons, this fingerprint is only available if + --no-sig-cache is used. Since 2.2.7 this field will also be set + if the key is missing but the signature carries an issuer + fingerprint as meta data. *** Field 14 - Flag field @@ -260,6 +265,12 @@ described here. optionally followed by a space and an URL. This goes along with the previous field. The URL is quoted in C style. +*** Field 21 - Comment + + This is currently only used in "rev" and "rvs" records to carry + the the comment field of the recocation reason. The value is + quoted in C style. + ** Special fields *** PKD - Public key data diff --git a/doc/gpg.texi b/doc/gpg.texi index a12b5afee..4cfd00079 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -328,7 +328,7 @@ following the "sig" tag (and thus before the flags described below. A "!" indicates that the signature has been successfully verified, a "-" denotes a bad signature and a "%" is used if an error occurred while checking the signature (e.g. a non supported algorithm). Signatures -where the public key is not availabale are not listed; to see their +where the public key is not available are not listed; to see their keyids the command @option{--list-sigs} can be used. For each signature listed, there are several flags in between the @@ -353,6 +353,16 @@ may thus be used to see what keys @command{@gpgname} might use. In particular external methods as defined by @option{--auto-key-locate} may be used to locate a key. Only public keys are listed. +@item --show-keys +@opindex show-keys +This commands takes OpenPGP keys as input and prints information about +them in the same way the command @option{--list-keys} does for locally +stored key. In addition the list options @code{show-unusable-uids}, +@code{show-unusable-subkeys}, @code{show-notations} and +@code{show-policy-urls} are also enabled. As usual for automated +processing, this command should be combined with the option +@option{--with-colons}. + @item --fingerprint @opindex fingerprint List all keys (or the specified ones) along with their @@ -2305,7 +2315,8 @@ opposite meaning. The options are: Show a listing of the key as imported right before it is stored. This can be combined with the option @option{--dry-run} to only look at keys; the option @option{show-only} is a shortcut for this - combination. Note that suffixes like '#' for "sec" and "sbb" lines + combination. The command @option{--show-keys} is another shortcut + for this. Note that suffixes like '#' for "sec" and "sbb" lines may or may not be printed. @item import-export @@ -2417,6 +2428,11 @@ The available properties are: Boolean indicating whether a key or subkey is a secret one. (drop-subkey) + @item usage + A string indicating the usage flags for the subkey, from the + sequence ``ecsa?''. For example, a subkey capable of just signing + and authentication would be an exact match for ``sa''. (drop-subkey) + @item sig_created @itemx sig_created_d The first is the timestamp a signature packet was created. The @@ -3368,7 +3384,7 @@ absolute date in the form YYYY-MM-DD. Defaults to "0". @opindex default-new-key-algo @var{string} This option can be used to change the default algorithms for key generation. The @var{string} is similar to the arguments required for -the command @option{--quick-add-key} but slighly different. For +the command @option{--quick-add-key} but slightly different. For example the current default of @code{"rsa2048/cert,sign+rsa2048/encr"} (or @code{"rsa3072"}) can be changed to the value of what we currently call future default, which is @code{"ed25519/cert,sign+cv25519/encr"}. diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi index a9e6d1e7a..81af28105 100644 --- a/doc/scdaemon.texi +++ b/doc/scdaemon.texi @@ -399,7 +399,7 @@ comes with almost all German banking cards. This application adds read-only support for keys and certificates stored on a @uref{http://www.smartcard-hsm.com, SmartCard-HSM}. -To generate keys and store certifiates you may use +To generate keys and store certificates you may use @uref{https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM, OpenSC} or the tools from @uref{http://www.openscdp.org, OpenSCDP}. diff --git a/doc/tools.texi b/doc/tools.texi index 9301334c7..7becf67e2 100644 --- a/doc/tools.texi +++ b/doc/tools.texi @@ -290,7 +290,7 @@ Check the options for the component @var{component}. Apply the configuration settings listed in @var{file} to the configuration files. If @var{file} has no suffix and no slashes the command first tries to read a file with the suffix @code{.prf} from -the the data directory (@code{gpgconf --list-dirs datadir}) before it +the data directory (@code{gpgconf --list-dirs datadir}) before it reads the file verbatim. A profile is divided into sections using the bracketed component name. Each section then lists the option which shall go into the respective configuration file. |