diff options
| author | Werner Koch <[email protected]> | 2003-12-01 10:53:40 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2003-12-01 10:53:40 +0000 |
| commit | 6b7af47bccea369de9215eaa7fc6396b7a5222c7 (patch) | |
| tree | 93a73746b44577da48ea83828bebbb77a5c15c91 | |
| parent | * sexp-parse.h (snext): Don't use atoi_1 and digitp macros, so (diff) | |
| download | gnupg-6b7af47bccea369de9215eaa7fc6396b7a5222c7.tar.gz gnupg-6b7af47bccea369de9215eaa7fc6396b7a5222c7.zip | |
(Certificate Options): Add --{enable,disable}-ocsp.
Diffstat (limited to '')
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | doc/ChangeLog | 9 | ||||
| -rw-r--r-- | doc/gpgsm.texi | 9 | ||||
| -rw-r--r-- | doc/scdaemon.texi | 11 |
4 files changed, 33 insertions, 0 deletions
@@ -1,6 +1,10 @@ Noteworthy changes in version 1.9.3 (unreleased) ------------------------------------------------ + * New options --{enable,disable}-ocsp to validate keys using OCSP + This requires at least DirMngr 0.5.1 to work. Default is disabled. + + Noteworthy changes in version 1.9.2 (2003-11-17) ------------------------------------------------ diff --git a/doc/ChangeLog b/doc/ChangeLog index 1c335280c..583415cab 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,12 @@ +2003-12-01 Werner Koch <[email protected]> + + * gpgsm.texi (Certificate Options): Add --{enable,disable}-ocsp. + +2003-11-17 Werner Koch <[email protected]> + + * scdaemon.texi (Scdaemon Options): Added --allow-admin and + --deny-admin. + 2003-10-27 Werner Koch <[email protected]> * gpg-agent.texi (Agent GET_CONFIRMATION): New. diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 4d91bda5b..6695eef67 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -250,6 +250,15 @@ By default the @acronym{CRL} checks are enabled and the DirMngr is used to check for revoked certificates. The disable option is most useful with an off-line network connection to suppress this check. +@item --enable-ocsp +@itemx --disable-ocsp +@opindex enable-ocsp +@opindex disable-ocsp +Be default @acronym{OCSP} checks are disabled. The enable opton may +be used to enable OCSP checks via Dirmngr. If @acronym{CRL} checks +are also enabled, CRLs willbe used as a fallback if for some reason an +OCSP request won't succeed. + @end table @node Input and Output diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi index 3bd8caaa8..e62146837 100644 --- a/doc/scdaemon.texi +++ b/doc/scdaemon.texi @@ -146,6 +146,17 @@ default is 32768 (first USB device). Use @var{library} to access the smartcard reader. The current default is @code{libtowitoko.so}. + +@item --allow-admin +@itemx --deny-admin +@opindex allow-admin +@opindex deny-admin +This enables the use of Admin class commands for card application +where this is supported. Currently we support it for the OpenPGP +card. Deny is the default. This commands is useful to inhibit +accidental access to admin class command which could ultimately lock +the card through worng PIN numbers. + @end table All the long options may also be given in the configuration file after |