diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/DETAILS | 8 | ||||
| -rw-r--r-- | doc/gpg.texi | 22 |
2 files changed, 28 insertions, 2 deletions
diff --git a/doc/DETAILS b/doc/DETAILS index c1a9b527a..e9270479a 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -160,8 +160,12 @@ described here. This is only used on primary keys. This is a single letter, but be prepared that additional information may follow in future - versions. For trust signatures with a regular expression, this is - the regular expression value, quoted as in field 10. + versions. Note that if a trust signature indicates that the key's + computed trust is higher than the ownertrust, that higher value is + shown here. + + In signature records describing a trust signatures this is the + regular expression value, quoted as in field 10. *** Field 10 - User-ID diff --git a/doc/gpg.texi b/doc/gpg.texi index 546dbf080..63e87e528 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1137,8 +1137,10 @@ from @option{--edit-key}. @item --quick-sign-key @var{fpr} [@var{names}] @itemx --quick-lsign-key @var{fpr} [@var{names}] +@itemx --quick-tsign-key @var{fpr} @var{trustspec} [@var{names}] @opindex quick-sign-key @opindex quick-lsign-key +@opindex quick-tsign-key Directly sign a key from the passphrase without any further user interaction. The @var{fpr} must be the verified primary fingerprint of a key in the local keyring. If no @var{names} are given, all @@ -1153,6 +1155,17 @@ non-exportable. If such a non-exportable signature already exists the you need to update an existing signature, for example to add or change notation data, you need to use the option @option{--force-sign-key}. +The command @option{--quick-tsign-key} creates a trust signature using +the information from the @var{trustspec} string. The @var{trustspec} +uses the format [T=]@var{dept},@var{value}[,@var{domain}]. @var{depth} +is the length of the trust chain in the range 0 (identical to a +standard key signature) to 255 (ridiculous long trust chain); the most +common lengths for trust signatures are 1 and 2. @var{value} is +either "f" or "full" which are mapped to a value of 120 or "m" or +"marginal" which are mapped to a value of 60. The allowed range is 0 +to 255 but it is highly suggested to use only 60 or 120. @var{domain} +is optional and a plain domain name like "example.org". + This command uses reasonable defaults and thus does not provide the full flexibility of the "sign" subcommand from @option{--edit-key}. Its intended use is to help unattended key signing by utilizing a list @@ -1390,6 +1403,15 @@ give the opposite meaning. The options are: Show the ownertrust value for keys also in the standard key listing. Defaults to no. + @item show-trustsig + @opindex list-options:show-trustsig + Show information about trust signatures also in a non-colon mode. + The information is printed in brackets after the signer's user ID in + the format T=@var{dept},@var{value}[,[R]"@var{string}"]. + With the "R" prefix @var{string} gives the raw regular expression + escaped in C-style; without the prefix the domain name is printed + verbatim. Defaults to no. + @item show-policy-urls @opindex list-options:show-policy-urls Show policy URLs in the @option{--check-signatures} |