From 8de1ee1b2b676b0d07586f0752750dd6b0fb7511 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 11:59:15 +0200 Subject: Adding upstream version 2.2.27. Signed-off-by: Daniel Baumann --- doc/ChangeLog-2011 | 871 +++ doc/DCO | 29 + doc/DETAILS | 1617 +++++ doc/FAQ | 13 + doc/HACKING | 433 ++ doc/KEYSERVER | 83 + doc/Makefile.am | 211 + doc/Makefile.in | 1269 ++++ doc/OpenPGP | 116 + doc/TRANSLATE | 61 + doc/com-certs.pem | 67 + doc/contrib.texi | 106 + doc/debugging.texi | 287 + doc/defsincdate | 1 + doc/dirmngr.texi | 1200 ++++ doc/examples/Automatic.prf | 15 + doc/examples/README | 11 + doc/examples/VS-NfD.prf | 24 + doc/examples/debug.prf | 29 + doc/examples/gpgconf.conf | 62 + doc/examples/pwpattern.list | 48 + doc/examples/scd-event | 102 + doc/examples/systemd-user/README | 66 + doc/examples/systemd-user/dirmngr.service | 8 + doc/examples/systemd-user/dirmngr.socket | 11 + doc/examples/systemd-user/gpg-agent-browser.socket | 13 + doc/examples/systemd-user/gpg-agent-extra.socket | 13 + doc/examples/systemd-user/gpg-agent-ssh.socket | 13 + doc/examples/systemd-user/gpg-agent.service | 8 + doc/examples/systemd-user/gpg-agent.socket | 12 + doc/examples/trustlist.txt | 66 + doc/glossary.texi | 72 + doc/gnupg-card-architecture.fig | 419 ++ doc/gnupg-card-architecture.pdf | Bin 0 -> 19415 bytes doc/gnupg-card-architecture.png | Bin 0 -> 8829 bytes doc/gnupg-logo-tr.png | Bin 0 -> 9415 bytes doc/gnupg-logo.eps | 2704 ++++++++ doc/gnupg-logo.pdf | Bin 0 -> 13838 bytes doc/gnupg-logo.png | Bin 0 -> 14471 bytes doc/gnupg-module-overview.pdf | 381 ++ doc/gnupg-module-overview.png | Bin 0 -> 123361 bytes doc/gnupg-module-overview.svg | 892 +++ doc/gnupg.info | 224 + doc/gnupg.info-1 | 7119 ++++++++++++++++++++ doc/gnupg.info-2 | 5923 ++++++++++++++++ doc/gnupg.texi | 241 + doc/gnupg7.texi | 31 + doc/gpg-agent.texi | 1627 +++++ doc/gpg.texi | 4358 ++++++++++++ doc/gpgsm.texi | 1648 +++++ doc/gpgv.texi | 193 + doc/gpl.texi | 732 ++ doc/help.be.txt | 286 + doc/help.ca.txt | 286 + doc/help.cs.txt | 286 + doc/help.da.txt | 286 + doc/help.de.txt | 279 + doc/help.el.txt | 286 + doc/help.eo.txt | 286 + doc/help.es.txt | 251 + doc/help.et.txt | 286 + doc/help.fi.txt | 256 + doc/help.fr.txt | 256 + doc/help.gl.txt | 286 + doc/help.hu.txt | 257 + doc/help.id.txt | 251 + doc/help.it.txt | 251 + doc/help.ja.txt | 335 + doc/help.nb.txt | 286 + doc/help.pl.txt | 250 + doc/help.pt.txt | 253 + doc/help.pt_BR.txt | 253 + doc/help.ro.txt | 251 + doc/help.ru.txt | 369 + doc/help.sk.txt | 254 + doc/help.sv.txt | 286 + doc/help.tr.txt | 242 + doc/help.txt | 398 ++ doc/help.zh_CN.txt | 233 + doc/help.zh_TW.txt | 245 + doc/howto-create-a-server-cert.texi | 274 + doc/howtos.texi | 15 + doc/instguide.texi | 77 + doc/mkdefsinc.c | 367 + doc/mksamplekeys | 10 + doc/opt-homedir.texi | 25 + doc/qualified.txt | 243 + doc/samplekeys.asc | 920 +++ doc/scdaemon.texi | 770 +++ doc/see-also-note.texi | 14 + doc/specify-user-id.texi | 173 + doc/sysnotes.texi | 58 + doc/tools.texi | 2118 ++++++ doc/trust-values.texi | 47 + doc/whats-new-in-2.1.txt | 873 +++ doc/wks.texi | 446 ++ doc/yat2m.c | 1646 +++++ 97 files changed, 49249 insertions(+) create mode 100644 doc/ChangeLog-2011 create mode 100644 doc/DCO create mode 100644 doc/DETAILS create mode 100644 doc/FAQ create mode 100644 doc/HACKING create mode 100644 doc/KEYSERVER create mode 100644 doc/Makefile.am create mode 100644 doc/Makefile.in create mode 100644 doc/OpenPGP create mode 100644 doc/TRANSLATE create mode 100644 doc/com-certs.pem create mode 100644 doc/contrib.texi create mode 100644 doc/debugging.texi create mode 100644 doc/defsincdate create mode 100644 doc/dirmngr.texi create mode 100644 doc/examples/Automatic.prf create mode 100644 doc/examples/README create mode 100644 doc/examples/VS-NfD.prf create mode 100644 doc/examples/debug.prf create mode 100644 doc/examples/gpgconf.conf create mode 100644 doc/examples/pwpattern.list create mode 100755 doc/examples/scd-event create mode 100644 doc/examples/systemd-user/README create mode 100644 doc/examples/systemd-user/dirmngr.service create mode 100644 doc/examples/systemd-user/dirmngr.socket create mode 100644 doc/examples/systemd-user/gpg-agent-browser.socket create mode 100644 doc/examples/systemd-user/gpg-agent-extra.socket create mode 100644 doc/examples/systemd-user/gpg-agent-ssh.socket create mode 100644 doc/examples/systemd-user/gpg-agent.service create mode 100644 doc/examples/systemd-user/gpg-agent.socket create mode 100644 doc/examples/trustlist.txt create mode 100644 doc/glossary.texi create mode 100644 doc/gnupg-card-architecture.fig create mode 100644 doc/gnupg-card-architecture.pdf create mode 100644 doc/gnupg-card-architecture.png create mode 100644 doc/gnupg-logo-tr.png create mode 100644 doc/gnupg-logo.eps create mode 100644 doc/gnupg-logo.pdf create mode 100644 doc/gnupg-logo.png create mode 100644 doc/gnupg-module-overview.pdf create mode 100644 doc/gnupg-module-overview.png create mode 100644 doc/gnupg-module-overview.svg create mode 100644 doc/gnupg.info create mode 100644 doc/gnupg.info-1 create mode 100644 doc/gnupg.info-2 create mode 100644 doc/gnupg.texi create mode 100644 doc/gnupg7.texi create mode 100644 doc/gpg-agent.texi create mode 100644 doc/gpg.texi create mode 100644 doc/gpgsm.texi create mode 100644 doc/gpgv.texi create mode 100644 doc/gpl.texi create mode 100644 doc/help.be.txt create mode 100644 doc/help.ca.txt create mode 100644 doc/help.cs.txt create mode 100644 doc/help.da.txt create mode 100644 doc/help.de.txt create mode 100644 doc/help.el.txt create mode 100644 doc/help.eo.txt create mode 100644 doc/help.es.txt create mode 100644 doc/help.et.txt create mode 100644 doc/help.fi.txt create mode 100644 doc/help.fr.txt create mode 100644 doc/help.gl.txt create mode 100644 doc/help.hu.txt create mode 100644 doc/help.id.txt create mode 100644 doc/help.it.txt create mode 100644 doc/help.ja.txt create mode 100644 doc/help.nb.txt create mode 100644 doc/help.pl.txt create mode 100644 doc/help.pt.txt create mode 100644 doc/help.pt_BR.txt create mode 100644 doc/help.ro.txt create mode 100644 doc/help.ru.txt create mode 100644 doc/help.sk.txt create mode 100644 doc/help.sv.txt create mode 100644 doc/help.tr.txt create mode 100644 doc/help.txt create mode 100644 doc/help.zh_CN.txt create mode 100644 doc/help.zh_TW.txt create mode 100644 doc/howto-create-a-server-cert.texi create mode 100644 doc/howtos.texi create mode 100644 doc/instguide.texi create mode 100644 doc/mkdefsinc.c create mode 100755 doc/mksamplekeys create mode 100644 doc/opt-homedir.texi create mode 100644 doc/qualified.txt create mode 100644 doc/samplekeys.asc create mode 100644 doc/scdaemon.texi create mode 100644 doc/see-also-note.texi create mode 100644 doc/specify-user-id.texi create mode 100644 doc/sysnotes.texi create mode 100644 doc/tools.texi create mode 100644 doc/trust-values.texi create mode 100644 doc/whats-new-in-2.1.txt create mode 100644 doc/wks.texi create mode 100644 doc/yat2m.c (limited to 'doc') diff --git a/doc/ChangeLog-2011 b/doc/ChangeLog-2011 new file mode 100644 index 0000000..b830c0e --- /dev/null +++ b/doc/ChangeLog-2011 @@ -0,0 +1,871 @@ +2011-12-01 Werner Koch + + NB: ChangeLog files are no longer manually maintained. Starting + on December 1st, 2011 we put change information only in the GIT + commit log, and generate a top-level ChangeLog file from logs at + "make dist". See doc/HACKING for details. + +2011-10-12 Werner Koch + + * gpg.texi: Add a bunch of opindex items. + + * yat2m.c (parse_file): Add hack to allow table indentation. + +2011-08-12 Werner Koch + + * texi.css: Override some elements. + * gnupg-log-tr.png: New. + * gnupg.texi: Use transparent logo. + +2011-03-01 Werner Koch + + * gpgsm.texi (CSR and certificate creation): New. + * gpg.texi (Unattended GPG key generation): New. + +2010-10-29 David Shaw + + * gpg.texi (GPG Configuration Options): Clarify that show-photos + doesn't work with --with-colons. --personal-digest-preferences + does not have a default any longer. + +2010-10-18 Werner Koch + + * DETAILS: Fix description of IMPORT_RES. Reported by Nicholas Cole. + +2010-10-11 Daniel Kahn Gillmor (wk) + + * gpg.texi (GPG Configuration Options) : Describe %v + and %V. + +2010-10-05 Werner Koch + + * Makefile.am (faq.txt faq.html, faq-online): New. + +2010-10-04 Werner Koch + + * faq.org: New. + * FAQ: Make it a static file with a pointer to the online location. + * Makefile.am (EXTRA_DIST): Remove faq.raw and faq.html. + (FAQ, faq.html): Remove these targets + +2010-09-28 Werner Koch + + * Makefile.am (AM_MAKEINFOFLAGS): Add define gpgtwoone. + +2010-09-28 David Shaw + + * gpg.texi (OpenPGP Options): Clarify that --force-v3-sigs + disables (not enables) v4 options. --force-v3-sigs defaults to + no. + +2010-08-18 Werner Koch + + * tools.texi (watchgnupg): Add examples section. + +2010-06-10 Werner Koch + + * Makefile.am (gnupg_TEXINFOS): Add dirmngr.texi. + (myman_sources): Ditto. + (myman_pages): Add dirmngr and dirmngr-client pages. + (noinst_MANS): Move gnupg.7 to man_MANS. + + * gnupg.texi: Include dirmngr.texi and add a menu entry. + * dirmngr.texi: New. Taken from the current SVN of the dirmngr + package and adjusted to fit into the GnuPG manual. Moved + dirmngr-cleint stuff to ... + * tools.texi (dirmngr-client): ... new. + +2009-11-18 Werner Koch + + * gpg.texi (GPG Key related Options): Describe + --skip-hidden-recipients. + +2009-10-19 David Shaw + + * gpg.texi (GPG Configuration Options): Clarify that ca-cert-file + is a generic store, the details of which depend on the underlying + libraries. + +2009-08-24 David Shaw + + * gpg.texi: Suggested new ordering for --edit-key. + +2009-08-17 David Shaw + + * gpg.texi (OpenPGP Options): Clarify that + personal-foo-preferences overrides recipient preferences (safely). + +2009-08-14 David Shaw + + * gpg.texi (GPG Configuration Options): Document keyserver options + check-cert and ca-cert-file. + +2009-08-06 Werner Koch + + * DETAILS: Describe the new INV_SNDR and NO_SNDR.. + +2009-07-31 David Shaw + + * gpg.texi (OpenPGP Options): Don't mention + --no-sk-comment (doesn't exist any longer). + +2009-07-23 David Shaw + + * gpg.texi (GPG Configuration Options): LDAP uses DNS-SD to locate + a server before falling back to keys.{domain}. + +2009-07-23 Werner Koch + + * help.txt (gpgsm.crl-problem): New. + +2009-07-22 Werner Koch + + * scdaemon.texi, instguide.texi, gpgsm.texi, sysnotes.texi + * glossary.texi, howto-create-a-server-cert.texi, tools.texi + * gpg-agent.texi, gpg.texi, debugging.texi: Typo fixes. Reported + by Jeroen Schot. Fixes bug#1093. + + * gpg.texi (GPG Configuration Options): Tell what files to backup. + * sysnotes.texi: Remove some warning notes for W32. + +2009-07-20 Werner Koch + + * gpg.texi (Operational GPG Commands): Add a note for --send-keys. + Fixes bug#1090. + +2009-07-06 Werner Koch + + * debugging.texi (Common Problems): Add a note about corrupted + keys in --search-keys. + +2009-06-02 Werner Koch + + * tools.texi (watchgnupg): Typo fix. Fixes bug#1065. + + * gpg-agent.texi (Agent Commands): Update description of --daemon. + +2009-05-20 Werner Koch + + * gpg.texi (GPG Configuration Options): Explain new meaning of + --enable-dsa2. + +2009-03-16 David Shaw + + * gpg.texi (GPG Configuration Options): Document keyserver-options + debug. + +2009-03-04 Werner Koch + + * help.txt (gpg.keygen.size): Add a link to web page. + +2009-03-03 Werner Koch + + * gpg.texi (Operational GPG Commands): "merge-only" is an + import-option. Reported by Joseph Oreste Bruni. + +2009-03-02 Werner Koch + + * gpg-agent.texi (Invoking GPG-AGENT): Modernized instructions. + (Agent Options): Fix spelling of option --lc-ctype. + +2009-01-12 Werner Koch + + * faq.raw: Fix bug reorting address. + +2008-12-12 Werner Koch + + * gpgsm.texi (General GPGSM Commands): Fix --help, --version and + --warranty wording. + +2008-12-08 Werner Koch + + * DETAILS: Clarify the use of "trust" and "validity" as suggested + by Daniel Kahn Gillmor. Fix some typos. Remove the outdated + sections on packet headers and pipemode. Point to the libgcrypt + manual for a description of the key generation. + +2008-11-12 Werner Koch + + * gpg-agent.texi (Agent Options): Use Posix $() instead of + backticks to avoid rendering problems. + +2008-10-13 Werner Koch + + * gpgsm.texi (Certificate Management): Explain hot to delete the + secret key. + +2008-10-01 Werner Koch + + * tools.texi (Controlling gpg-connect-agent): Describe /datafile. + +2008-09-23 David Shaw + + * gpg.texi (OpenPGP Key Management): Clarify setpref a bit. + +2008-08-30 Werner Koch + + * yat2m.c (write_th): Print a note that this is generated source. + (VERSION): Bump up to 1.0. + +2008-07-30 Werner Koch + + * gpgsm.texi (GPGSM Configuration): Mention com-cert.pem. + +2008-06-25 Werner Koch + + * qualified.txt: Add new BnetzA certs 12R and 13R. + * com-certs.pem: Ditto. + * examples/trustlist.txt: Ditto. + +2008-06-19 Werner Koch + + * tools.texi (Listing options): Describe new complect gpgconf type + "alias list". + +2008-06-16 Werner Koch + + * DETAILS (group): Document %ask-passphrase. + +2008-05-26 Werner Koch + + * gpgv.texi: Minor fixes. Fixes bug#918. + + * opt-homedir.texi: Typo fixes. Fixes bug#917. + +2008-05-26 Marcus Brinkmann + + * tools.texi (Invoking gpgconf): Document --list-dirs. + +2008-05-20 Marcus Brinkmann + + * tools.texi (Invoking gpgconf): Add --dry-run and --check-options. + (Checking programs): Document --check-options. + +2008-05-15 Marcus Brinkmann + + * gpg.texi (Operational GPG Commands): Mention the way to change + the default signing key. + +2008-05-06 Werner Koch + + * Makefile.am (myman_pages): Add gpg-zip.1. + + * tools.texi (gpg-zip): Add new section. + +2008-04-08 Werner Koch + + * gpg.texi (GPG Configuration Options): Change subkeys.pgp.net to + keys.gnupg.net. Describe --auto-key-locate mechanisms local and + nodefault. + +2008-04-03 Werner Koch + + * yat2m.c (proc_texi_cmd): Remove extra apostrophe from @samp and + use open and close quote to @file and @env. + +2008-04-02 Werner Koch + + * opt-homedir.texi: Remove special case for Registry key. + + * yat2m.c (proc_texi_cmd): Use the \(aq glyph for @samp. This is + bug#898. + (proc_texi_buffer): Handle backslashs correctly. + +2008-03-27 Werner Koch + + * Makefile.am (nobase_dist_doc_DATA, dist_html_DATA): New. Move + relevant files to here. + (install-html-local): Remove. + +2008-02-27 Marcus Brinkmann + + * tools.texi (Listing options): Document new types. + +2008-02-26 Werner Koch + + * gpg.texi (GPG Configuration Options): Mention rfc4398. + +2008-02-05 David Shaw + + * gpg.texi (GPG Esoteric Options): Tweak mention of Tempest font + to add a "claimed" in there. + +2008-01-29 Justin Pryzby (wk) + + * gpg-agent.texi (Agent Options): Grammar fixes + + * qualified.txt: Spelling fixes. + +2008-01-28 Justin Pryzby (wk) + + * gpg-agent.texi, yat2m.c, scdaemon.texi, qualified.txt + * tools.texi, gpgsm.texi: Typo fixes and minor grammer fixes. + +2008-01-10 Werner Koch + + * qualified.txt: Add missing country tag to the last entries. + Reported by Marcus Brinkmann. + +2008-01-10 Marcus Brinkmann + + * tools.texi (gpgconf): Some clarifications. + +2008-01-02 Werner Koch + + * gpg.texi (GPG Esoteric Options): Mention --log-file. + +2007-12-13 Werner Koch + + * qualified.txt: Add 2 root certs from S-Trust for 2008-2012. + * examples/trustlist.txt: Ditto. + * com-certs.pem: Ditto. + + * gpgsm.texi (Esoteric Options): Document --extra-digest-algo. + +2007-12-12 Werner Koch + + * gpg.texi: Typo fixes. From Christer Andersson. + +2007-12-04 Werner Koch + + * help.txt: New online help file. + * help.be.txt, help.ca.txt, help.cs.txt, help.da.txt, help.de.txt + * help.el.txt, help.eo.txt, help.es.txt, help.et.txt, help.fi.txt + * help.fr.txt, help.gl.txt, help.hu.txt, help.id.txt, help.it.txt + * help.ja.txt, help.nb.txt, help.pl.txt, help.pt.txt + * help.pt_BR.txt, help.ro.txt, help.ru.txt, help.sk.txt + * help.sv.txt, help.tr.txt, help.zh_CN.txt, help.zh_TW.txt: New + online file, generated from teh current po files. + * Makefile.am (dist_pkgdata_DATA): Add them. + +2007-11-19 Werner Koch + + * gpg.texi (GPG Configuration Options): English Grammar fix. + Thanks to Gerg Troxel. + + * gpgsm.texi (Certificate Options): Document + --auto-issuer-key-retrieve. + +2007-11-15 Werner Koch + + * gpg.texi (GPG Configuration): Add PINENTRY_USER_DATA. + + * gpg-agent.texi (Agent Options): Add xauthority. + +2007-10-31 Marcus Brinkmann + + * gpg-agent.texi (Agent Options): Fix typos, by Bernhard Reiter. + +2007-10-27 David Shaw + + * gpg.texi: Document --rfc4880 (the new --openpgp). + +2007-10-25 David Shaw + + * gpg.texi: Clarify --force-v3-sigs, --pgp2, and --pgp6 a bit. + +2007-10-23 Werner Koch + + * tools.texi (Listing global options): New. + +2007-10-19 Werner Koch + + * tools.texi (Controlling gpg-connect-agent): Updated. + +2007-08-29 Werner Koch + + * tools.texi (Checking programs): New. + +2007-08-27 Werner Koch + + * examples/pwpattern.list: New. + +2007-08-24 Werner Koch + + * debugging.texi (Common Problems): Add "A root certifciate does + not validate." + +2007-08-14 Werner Koch + + * glossary.texi (Glossary): Add a more items. + +2007-08-13 Werner Koch + + * yat2m.c (proc_texi_cmd): Do not put @samp content between two + newlines. + + * gpg-agent.texi (Agent Configuration): Explain the CM flag for + trustlist.txt. + +2007-08-09 Werner Koch + + * gpgsm.texi (Certificate Options): Describe --validation-model. + +2007-07-23 Werner Koch + + * scdaemon.texi (Scdaemon Commands): Remove obsolete --print-atr. + +2007-07-17 Werner Koch + + * gpgsm.texi (Input and Output): Document --default-key. + +2007-07-04 Werner Koch + + * gpl.texi: Updated to GPLv3. + +2007-06-22 Werner Koch + + * gpg.texi (Operational GPG Commands): Describe the flags used by + --check-sigs. + +2007-06-21 Werner Koch + + * gpgsm.texi (Certificate Management): Changed description of + --gen-key. + +2007-06-19 Werner Koch + + * glossary.texi (Glossary): Describe PSE. + +2007-06-18 Werner Koch + + * gpg-agent.texi (Agent GETINFO): New. + +2007-06-06 Werner Koch + + * Makefile.am (yat2m): Use a plain rule to build it for the sake + of cross-compiling. + + * yat2m.c (finish_page): Init SECT to NULL. + +2007-05-11 Werner Koch + + * gpgsm.texi (--export): Enhanced description. + +2007-05-09 Werner Koch + + * examples/gpgconf.conf: Remove active example line. + + * Makefile.am (online): Distinguish between released and svn manuals. + +2007-05-08 Werner Koch + + * howtos.texi: New. + * howto-create-a-server-cert.texi: New. + * Makefile.am (gnupg_TEXINFOS): Add new files. + + * gnupg.texi: Moved the logo for HTML more to the top. + * Makefile.am (install-html-local): New. + (DVIPS): Redefine to include srcdir. + +2007-05-04 Werner Koch + + * gnupg.texi (Top): Fix typo and a grammar issue. + * Makefile.am (EXTRA_DIST): Add gnupg-logo.png. Suggested by + Bernard Leak. + +2007-04-15 David Shaw + + * gpg.texi (OpenPGP Options): Update the personal-foo-preferences + documentation a bit. + +2007-04-10 Werner Koch + + * gpg.texi (GPG Configuration Options): Document --batch, no-tty, + --yes and --no. + +2007-03-08 Werner Koch + + * gnupg-logo.png, gnupg-logo.eps, gnupg-logo.pdf: New. + * gnupg-badge-openpgp.eps, gnupg-badge-openpgp.eps + * gnupg-badge-openpgp.jpg: Removed. + * gnupg.texi: Use new logo. + +2007-03-07 Werner Koch + + * tools.texi (applygnupgdefaults): New. + +2007-03-06 Werner Koch + + * examples/gpgconf.conf: New. + +2007-03-04 David Shaw + + * gpg.texi (GPG Esoteric Options): Document + --allow-multiple-messages. + +2007-02-26 Werner Koch + + * gpg.texi (GPG Configuration): Document envvar LANGUAGE. + (GPG Configuration Options): Document show-primary-uid-only. + +2007-02-18 Werner Koch + + * gpg.texi (GPG Esoteric Options): No card reader options for gpg2. + +2007-02-14 Werner Koch + + * gpg-agent.texi (Agent Options): Doc --pinentry-touch-file. + +2007-02-05 Werner Koch + + * debugging.texi (Common Problems): Tell how to export a private + key without a certificate. + +2007-01-30 Werner Koch + + * com-certs.pem: Added the current root certifcates of D-Trust and + S-Trust. + +2007-01-18 David Shaw + + * gpg.texi, specify-user-id.texi: Only some of the mentions of + exclamation marks have an example. Give examples to the rest. + +2007-01-17 David Shaw + + * gpg.texi (GPG Configuration Options): Make http_proxy option + documentation match reality. + (BUGS): Warn about hibernate/safe-sleep/etc writing main RAM to + disk, despite locking. + +2006-12-08 Werner Koch + + * gnupg.texi (direntry): Rename gpg to gpg2. + +2006-12-04 Werner Koch + + * gpgv.texi: New. + * tools.texi: Include new file. + +2006-12-02 David Shaw + + * gpg.texi (GPG Esoteric Options): Document --passphrase-repeat. + +2006-11-14 Werner Koch + + * gpgsm.texi (GPGSM EXPORT): Document changes. + +2006-11-11 Werner Koch + + * gnupg.texi (Top): Move gpg-agent part before gpg. + +2006-11-05 David Shaw + + * gpg.texi: Reference to --s2k-count in --s2k-mode. + +2006-10-30 Werner Koch + + * faq.raw: Minor corrections. + +2006-10-12 Werner Koch + + * Makefile.am (man_MANS): Do not install gnupg.7 due to a conflict + with gpg1. + +2006-10-12 David Shaw + + * gpg.texi: Document --s2k-count. + +2006-09-25 Werner Koch + + * gpg.texi (GPG Examples): Add markup to all options. This is + required to have the double dashs printed correclty. + +2006-09-22 Werner Koch + + * instguide.texi (Installation): New. + * assuan.texi (Assuan): Removed. Use the libassuan manual instead. + * gnupg.texi: Reflect these changes. + + * gpg.texi: Make some parts depend on the "gpgone" set + command. This allows us to use the same source for gpg1 and gpg2. + + * yat2m.c (parse_file): Better parsing of @ifset and ifclear. + (main): Allow definition of "-D gpgone". + (parse_file): Allow macro definitions. + (proc_texi_cmd): Expand macros. + (proc_texi_buffer): Process commands terminated by the closing + brace of the enclosing command. + +2006-09-20 Werner Koch + + * texi.css: New. Note that the current vesion of makeinfo has a + bug while copying the @import directive. A pacth has been send to + upstream. + +2006-09-19 Werner Koch + + * gpg.texi: Some restructuring. + + * Makefile.am (online): New target. + +2006-09-18 Werner Koch + + * com-certs.pem: New. + +2006-09-13 Werner Koch + + * gpg.texi (GPG Esoteric Options): Fixed typo in + --require-cross-certification and made it the default. + +2006-09-11 Werner Koch + + * HACKING: Cleaned up. + +2006-09-08 Werner Koch + + * yat2m.c (parse_file): Ignore @node lines immediately. + (proc_texi_cmd): No special @end ifset processing anymore. + + * specify-user-id.texi: New. Factored out of gpg.texi and ../README. + +2006-09-07 Werner Koch + + * scdaemon.texi (Scdaemon Configuration): New. + + * examples/scd-event: Event handler for sdaemon. + * examples/: New directory + +2006-08-22 Werner Koch + + * yat2m.c (parse_file): Added code to skip a line after @mansect. + + * gnupg7.texi: New. + +2006-08-21 Werner Koch + + * Makefile.am: Added other doc files from gpg 1.4. + +2006-08-17 Werner Koch + + * Makefile.am: Added rules to build man pages. + + * yat2m.c: New. + +2006-02-14 Werner Koch + + * gpgsm.texi (GPGSM Configuration): New section. + +2005-11-14 Werner Koch + + * qualified.txt: Added real information. + +2005-11-13 Werner Koch + + * qualified.txt: New. + * Makefile.am (dist_pkgdata_DATA): New. + +2005-08-16 Werner Koch + + * gpg-agent.texi (Agent Options): Note default file name for + --write-env-file. + +2005-06-03 Werner Koch + + * debugging.texi (Architecture Details): New section, mostly empty. + * gnupg-card-architecture.fig: New. + * Makefile.am: Rules to build png and eps versions. + + * gpg-agent.texi (Agent UPDATESTARTUPTTY): New. + +2005-05-17 Werner Koch + + * gpg-agent.texi (Agent Options): Removed --disable-pth. + +2005-04-27 Werner Koch + + * tools.texi (symcryptrun): Added. + + * scdaemon.texi: Removed OpenSC specific options. + +2005-04-20 Werner Koch + + * gpg-agent.texi (Agent Configuration): New section. + +2005-02-24 Werner Koch + + * tools.texi (gpg-connect-agent): New. + +2005-02-14 Werner Koch + + * gpgsm.texi (Certificate Management): Document --import. + +2005-01-27 Moritz Schulte + + * gpg-agent.texi: Document ssh-agent emulation layer. + +2005-01-04 Werner Koch + + * gnupg.texi: Updated to use @copying. + +2004-12-22 Werner Koch + + * gnupg.texi: Reordered. + * contrib.texi: Updated. + +2004-12-21 Werner Koch + + * tools.texi (gpg-preset-passphrase): New section. + + * gnupg-badge-openpgp.eps, gnupg-badge-openpgp.jpg: New + * gnupg.texi: Add a logo. + * sysnotes.texi: New. + +2004-11-05 Werner Koch + + * debugging.texi (Common Problems): Curses pinentry problem. + +2004-10-22 Werner Koch + + * tools.texi (Helper Tools): Document gpgsm-gencert.sh. + +2004-10-05 Werner Koch + + * gpg-agent.texi (Invoking GPG-AGENT): Tell that GPG_TTY needs to + be set in all cases. + +2004-09-30 Werner Koch + + * gpg.texi: New. + * gnupg.texi: Include gpg.texi + + * tools.texi: Add a few @command markups. + * gpgsm.texi: Ditto + * gpg-agent.texi: Ditto. + * scdaemon.texi: Ditto. + +2004-09-30 Marcus Brinkmann + + * tools.texi (Changing options): Add documentation for gpgconf. + + * contrib.texi (Contributors): Add two missing periods. + +2004-09-29 Werner Koch + + * gpgsm.texi (Configuration Options): Add --log-file. + + * gpg-agent.texi (Invoking GPG-AGENT): Add a few words about the + expected pinentry filename. + + Changed license of the manual stuff to GPL. + + * gnupg.texi (Top): New menu item Helper Tools. + + * tools.texi (Helper Tools): New. + * Makefile.am (gnupg_TEXINFOS): Add tools.texi. + +2004-08-05 Werner Koch + + * scdaemon.texi (Card applications): New section. + +2004-06-22 Werner Koch + + * glossary.texi: New. + +2004-06-18 Werner Koch + + * debugging.texi: New. + * gnupg.texi: Include it. + +2004-05-11 Werner Koch + + * gpgsm.texi (Esoteric Options): Add --debug-allow-core-dump. + +2004-05-03 Werner Koch + + * gpg-agent.texi (Agent Options): Add --allow-mark-trusted. + +2004-02-03 Werner Koch + + * contrib.texi (Contributors): Updated from the gpg 1.2.3 thanks + list. + * gpgsm.texi, gpg-agent.texi, scdaemon.texi: Language cleanups. + +2003-12-01 Werner Koch + + * gpgsm.texi (Certificate Options): Add --{enable,disable}-ocsp. + +2003-11-17 Werner Koch + + * scdaemon.texi (Scdaemon Options): Added --allow-admin and + --deny-admin. + +2003-10-27 Werner Koch + + * gpg-agent.texi (Agent GET_CONFIRMATION): New. + +2002-12-04 Werner Koch + + * gpg-agent.texi (Agent Signals): New. + +2002-12-03 Werner Koch + + * gpgsm.texi (Operational Commands): Add --passwd and + --call-protect-tool. + * gpg-agent.texi (Agent PASSWD): New + +2002-11-13 Werner Koch + + * gpg-agent.texi (Invoking GPG-AGENT): Tell about GPG_TTY. + +2002-11-12 Werner Koch + + * gpgsm.texi (Operational Commands): Add --call-dirmngr. + +2002-09-25 Werner Koch + + * gpg-agent.texi (Agent Options): Add --keep-tty and --keep-display. + +2002-09-12 Werner Koch + + * gpg-agent.texi (Invoking GPG-AGENT): Explained how to start only + one instance. + +2002-08-28 Werner Koch + + * gpg-agent.texi (Agent Options): Explained more options. + * scdaemon.texi (Scdaemon Options): Ditto. + +2002-08-09 Werner Koch + + * Makefile.am (gnupg_TEXINFOS): Include contrib.texi. + +2002-08-06 Werner Koch + + * gpgsm.texi: Added more options. + +2002-07-26 Werner Koch + + * assuan.texi: New. + * gpgsm.texi, scdaemon.texi, gpg-agent.texi: Documented the Assuan + protocol used. + +2002-07-22 Werner Koch + + * gnupg.texi, scdaemon.texi, gpg-agent.texi: New. + * contrib.texi, gpl.texi, fdl.texi: New. + * gpgsm.texi: Made this an include file for gnupg.texi. + * Makefile.am: Build gnupg.info instead of gpgsm.info. + +2002-06-04 Werner Koch + + * gpgsm.texi (Invocation): Described the various debug flags. + +2002-05-14 Werner Koch + + * Makefile.am, gpgsm.texi: New. + + Copyright 2002, 2004, 2005, 2006, 2007, 2008, 2010 Free Software Foundation, Inc. + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +Local Variables: +buffer-read-only: t +End: diff --git a/doc/DCO b/doc/DCO new file mode 100644 index 0000000..bae7bff --- /dev/null +++ b/doc/DCO @@ -0,0 +1,29 @@ +GnuPG Developer's Certificate of Origin. Version 1.0 +===================================================== + +By making a contribution to the GnuPG project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the free software license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the + best of my knowledge, is covered under an appropriate free + software license and I have the right under that license to + submit that work with modifications, whether created in whole + or in part by me, under the same free software license + (unless I am permitted to submit under a different license), + as indicated in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including + all personal information I submit with it, including my + sign-off) is maintained indefinitely and may be redistributed + consistent with this project or the free software license(s) + involved. + +Signed-off-by: [Your name and mail address] diff --git a/doc/DETAILS b/doc/DETAILS new file mode 100644 index 0000000..a02ba35 --- /dev/null +++ b/doc/DETAILS @@ -0,0 +1,1617 @@ +# doc/DETAILS -*- org -*- +#+TITLE: GnuPG Details +# Globally disable superscripts and subscripts: +#+OPTIONS: ^:{} +# + +# Note: This file uses org-mode; it should be easy to read as plain +# text but be aware of some markup peculiarities: Verbatim code is +# enclosed in #+begin-example, #+end-example blocks or marked by a +# colon as the first non-white-space character, words bracketed with +# equal signs indicate a monospace font, and the usual /italics/, +# *bold*, and _underline_ conventions are recognized. + +This is the DETAILS file for GnuPG which specifies some internals and +parts of the external API for GPG and GPGSM. + +* Format of the colon listings + + The format is a based on colon separated record, each recods starts + with a tag string and extends to the end of the line. Here is an + example: +#+begin_example +$ gpg --with-colons --list-keys \ + --with-fingerprint --with-fingerprint wk@gnupg.org +pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC: +fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013: +uid:f::::::::Werner Koch : +uid:f::::::::Werner Koch : +sub:f:1536:16:06AD222CADF6A6E1:919537416:1036177416:::::e: +fpr:::::::::CF8BCC4B18DE08FCD8A1615906AD222CADF6A6E1: +sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc: +fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4: +#+end_example + +Note that new version of GnuPG or the use of certain options may add +new fields to the output. Parsers should not assume a limit on the +number of fields per line. Some fields are not yet used or only used +with certain record types; parsers should ignore fields they are not +aware of. New versions of GnuPG or the use of certain options may add +new types of records as well. Parsers should ignore any record whose +type they do not recognize for forward-compatibility. + +The double =--with-fingerprint= prints the fingerprint for the subkeys +too. Old versions of gpg used a slightly different format and required +the use of the option =--fixed-list-mode= to conform to the format +described here. + + +** Description of the fields +*** Field 1 - Type of record + + - pub :: Public key + - crt :: X.509 certificate + - crs :: X.509 certificate and private key available + - sub :: Subkey (secondary key) + - sec :: Secret key + - ssb :: Secret subkey (secondary key) + - uid :: User id + - uat :: User attribute (same as user id except for field 10). + - sig :: Signature + - rev :: Revocation signature + - rvs :: Recocation signature (standalone) [since 2.2.9] + - fpr :: Fingerprint (fingerprint is in field 10) + - fp2 :: SHA-256 fingerprint (fingerprint is in field 10) + - pkd :: Public key data [*] + - grp :: Keygrip + - rvk :: Revocation key + - tfs :: TOFU statistics [*] + - tru :: Trust database information [*] + - spk :: Signature subpacket [*] + - cfg :: Configuration data [*] + + Records marked with an asterisk are described at [[*Special%20field%20formats][*Special fields]]. + +*** Field 2 - Validity + + This is a letter describing the computed validity of a key. + Currently this is a single letter, but be prepared that additional + information may follow in some future versions. Note that GnuPG < + 2.1 does not set this field for secret key listings. + + - o :: Unknown (this key is new to the system) + - i :: The key is invalid (e.g. due to a missing self-signature) + - d :: The key has been disabled + (deprecated - use the 'D' in field 12 instead) + - r :: The key has been revoked + - e :: The key has expired + - - :: Unknown validity (i.e. no value assigned) + - q :: Undefined validity. '-' and 'q' may safely be treated as + the same value for most purposes + - n :: The key is not valid + - m :: The key is marginal valid. + - f :: The key is fully valid + - u :: The key is ultimately valid. This often means that the + secret key is available, but any key may be marked as + ultimately valid. + - w :: The key has a well known private part. + - s :: The key has special validity. This means that it might be + self-signed and expected to be used in the STEED system. + + If the validity information is given for a UID or UAT record, it + describes the validity calculated based on this user ID. If given + for a key record it describes the validity taken from the best + rated user ID. + + For X.509 certificates a 'u' is used for a trusted root + certificate (i.e. for the trust anchor) and an 'f' for all other + valid certificates. + + In "sig" records, this field may have one of these values as first + character: + + - ! :: Signature is good. + - - :: Signature is bad. + - ? :: No public key to verify signature or public key is not usable. + - % :: Other error verifying a signature + + More values may be added later. The field may also be empty if + gpg has been invoked in a non-checking mode (--list-sigs) or in a + fast checking mode. Since 2.2.7 '?' will also be printed by the + command --list-sigs if the key is not in the local keyring. + +*** Field 3 - Key length + + The length of key in bits. + +*** Field 4 - Public key algorithm + + The values here are those from the OpenPGP specs or if they are + greather than 255 the algorithm ids as used by Libgcrypt. + +*** Field 5 - KeyID + + This is the 64 bit keyid as specified by OpenPGP and the last 64 + bit of the SHA-1 fingerprint of an X.509 certifciate. + +*** Field 6 - Creation date + + The creation date of the key is given in UTC. For UID and UAT + records, this is used for the self-signature date. Note that the + date is usually printed in seconds since epoch, however, we are + migrating to an ISO 8601 format (e.g. "19660205T091500"). This is + currently only relevant for X.509. A simple way to detect the new + format is to scan for the 'T'. Note that old versions of gpg + without using the =--fixed-list-mode= option used a "yyyy-mm-tt" + format. + +*** Field 7 - Expiration date + + Key or UID/UAT expiration date or empty if it does not expire. + +*** Field 8 - Certificate S/N, UID hash, trust signature info + + Used for serial number in crt records. For UID and UAT records, + this is a hash of the user ID contents used to represent that + exact user ID. For trust signatures, this is the trust depth + separated by the trust value by a space. + +*** Field 9 - Ownertrust + + This is only used on primary keys. This is a single letter, but + be prepared that additional information may follow in future + versions. For trust signatures with a regular expression, this is + the regular expression value, quoted as in field 10. + +*** Field 10 - User-ID + + The value is quoted like a C string to avoid control characters + (the colon is quoted =\x3a=). For a "pub" record this field is + not used on --fixed-list-mode. A UAT record puts the attribute + subpacket count here, a space, and then the total attribute + subpacket size. In gpgsm the issuer name comes here. The FPR and FP2 + records store the fingerprints here. The fingerprint of a + revocation key is stored here. + +*** Field 11 - Signature class + + Signature class as per RFC-4880. This is a 2 digit hexnumber + followed by either the letter 'x' for an exportable signature or + the letter 'l' for a local-only signature. The class byte of an + revocation key is also given here, 'x' and 'l' is used the same + way. This field if not used for X.509. + + "rev" and "rvs" may be followed by a comma and a 2 digit hexnumber + with the revocation reason. + +*** Field 12 - Key capabilities + + The defined capabilities are: + + - e :: Encrypt + - s :: Sign + - c :: Certify + - a :: Authentication + - ? :: Unknown capability + + A key may have any combination of them in any order. In addition + to these letters, the primary key has uppercase versions of the + letters to denote the _usable_ capabilities of the entire key, and + a potential letter 'D' to indicate a disabled key. + +*** Field 13 - Issuer certificate fingerprint or other info + + Used in FPR records for S/MIME keys to store the fingerprint of + the issuer certificate. This is useful to build the certificate + path based on certificates stored in the local key database it is + only filled if the issuer certificate is available. The root has + been reached if this is the same string as the fingerprint. The + advantage of using this value is that it is guaranteed to have + been built by the same lookup algorithm as gpgsm uses. + + For "uid" records this field lists the preferences in the same way + gpg's --edit-key menu does. + + For "sig", "rev" and "rvs" records, this is the fingerprint of the + key that issued the signature. Note that this may only be filled + if the signature verified correctly. Note also that for various + technical reasons, this fingerprint is only available if + --no-sig-cache is used. Since 2.2.7 this field will also be set + if the key is missing but the signature carries an issuer + fingerprint as meta data. + +*** Field 14 - Flag field + + Flag field used in the --edit menu output + +*** Field 15 - S/N of a token + + Used in sec/ssb to print the serial number of a token (internal + protect mode 1002) or a '#' if that key is a simple stub (internal + protect mode 1001). If the option --with-secret is used and a + secret key is available for the public key, a '+' indicates this. + +*** Field 16 - Hash algorithm + + For sig records, this is the used hash algorithm. For example: + 2 = SHA-1, 8 = SHA-256. + +*** Field 17 - Curve name + + For pub, sub, sec, and ssb records this field is used for the ECC + curve name. + +*** Field 18 - Compliance flags + + Space separated list of asserted compliance modes for this key. + + Valid values are: + + - 8 :: The key is compliant with RFC4880bis + - 23 :: The key is compliant with compliance mode "de-vs". + +*** Field 19 - Last update + + The timestamp of the last update of a key or user ID. The update + time of a key is defined a lookup of the key via its unique + identifier (fingerprint); the field is empty if not known. The + update time of a user ID is defined by a lookup of the key using a + trusted mapping from mail address to key. + +*** Field 20 - Origin + + The origin of the key or the user ID. This is an integer + optionally followed by a space and an URL. This goes along with + the previous field. The URL is quoted in C style. + +*** Field 21 - Comment + + This is currently only used in "rev" and "rvs" records to carry + the the comment field of the recocation reason. The value is + quoted in C style. + +** Special fields + +*** PKD - Public key data + + If field 1 has the tag "pkd", a listing looks like this: +#+begin_example +pkd:0:1024:B665B1435F4C2 .... FF26ABB: + ! ! !-- the value + ! !------ for information number of bits in the value + !--------- index (eg. DSA goes from 0 to 3: p,q,g,y) +#+end_example + +*** TFS - TOFU statistics + + This field may follows a UID record to convey information about + the TOFU database. The information is similar to a TOFU_STATS + status line. + + - Field 2 :: tfs record version (must be 1) + - Field 3 :: validity - A number with validity code. + - Field 4 :: signcount - The number of signatures seen. + - Field 5 :: encrcount - The number of encryptions done. + - Field 6 :: policy - A string with the policy + - Field 7 :: signture-first-seen - a timestamp or 0 if not known. + - Field 8 :: signature-most-recent-seen - a timestamp or 0 if not known. + - Field 9 :: encryption-first-done - a timestamp or 0 if not known. + - Field 10 :: encryption-most-recent-done - a timestamp or 0 if not known. + +*** TRU - Trust database information + Example for a "tru" trust base record: +#+begin_example + tru:o:0:1166697654:1:3:1:5 +#+end_example + + - Field 2 :: Reason for staleness of trust. If this field is + empty, then the trustdb is not stale. This field may + have multiple flags in it: + + - o :: Trustdb is old + - t :: Trustdb was built with a different trust model + than the one we are using now. + + - Field 3 :: Trust model + + - 0 :: Classic trust model, as used in PGP 2.x. + - 1 :: PGP trust model, as used in PGP 6 and later. + This is the same as the classic trust model, + except for the addition of trust signatures. + + GnuPG before version 1.4 used the classic trust model + by default. GnuPG 1.4 and later uses the PGP trust + model by default. + + - Field 4 :: Date trustdb was created in seconds since Epoch. + - Field 5 :: Date trustdb will expire in seconds since Epoch. + - Field 6 :: Number of marginally trusted users to introduce a new + key signer (gpg's option --marginals-needed). + - Field 7 :: Number of completely trusted users to introduce a new + key signer. (gpg's option --completes-needed) + + - Field 8 :: Maximum depth of a certification chain. (gpg's option + --max-cert-depth) + +*** SPK - Signature subpacket records + + - Field 2 :: Subpacket number as per RFC-4880 and later. + - Field 3 :: Flags in hex. Currently the only two bits assigned + are 1, to indicate that the subpacket came from the + hashed part of the signature, and 2, to indicate the + subpacket was marked critical. + - Field 4 :: Length of the subpacket. Note that this is the + length of the subpacket, and not the length of field + 5 below. Due to the need for %-encoding, the length + of field 5 may be up to 3x this value. + - Field 5 :: The subpacket data. Printable ASCII is shown as + ASCII, but other values are rendered as %XX where XX + is the hex value for the byte. + +*** CFG - Configuration data + + --list-config outputs information about the GnuPG configuration + for the benefit of frontends or other programs that call GnuPG. + There are several list-config items, all colon delimited like the + rest of the --with-colons output. The first field is always "cfg" + to indicate configuration information. The second field is one of + (with examples): + + - version :: The third field contains the version of GnuPG. + + : cfg:version:1.3.5 + + - pubkey :: The third field contains the public key algorithms + this version of GnuPG supports, separated by + semicolons. The algorithm numbers are as specified in + RFC-4880. Note that in contrast to the --status-fd + interface these are _not_ the Libgcrypt identifiers. + Using =pubkeyname= prints names instead of numbers. + + : cfg:pubkey:1;2;3;16;17 + + - cipher :: The third field contains the symmetric ciphers this + version of GnuPG supports, separated by semicolons. + The cipher numbers are as specified in RFC-4880. + Using =ciphername= prints names instead of numbers. + + : cfg:cipher:2;3;4;7;8;9;10 + + - digest :: The third field contains the digest (hash) algorithms + this version of GnuPG supports, separated by + semicolons. The digest numbers are as specified in + RFC-4880. Using =digestname= prints names instead of + numbers. + + : cfg:digest:1;2;3;8;9;10 + + - compress :: The third field contains the compression algorithms + this version of GnuPG supports, separated by + semicolons. The algorithm numbers are as specified + in RFC-4880. + + : cfg:compress:0;1;2;3 + + - group :: The third field contains the name of the group, and the + fourth field contains the values that the group expands + to, separated by semicolons. + + For example, a group of: + : group mynames = paige 0x12345678 joe patti + would result in: + : cfg:group:mynames:patti;joe;0x12345678;paige + + - curve :: The third field contains the curve names this version + of GnuPG supports, separated by semicolons. Using + =curveoid= prints OIDs instead of numbers. + + : cfg:curve:ed25519;nistp256;nistp384;nistp521 + + +* Format of the --status-fd output + + Every line is prefixed with "[GNUPG:] ", followed by a keyword with + the type of the status line and some arguments depending on the type + (maybe none); an application should always be willing to ignore + unknown keywords that may be emitted by future versions of GnuPG. + Also, new versions of GnuPG may add arguments to existing keywords. + Any additional arguments should be ignored for forward-compatibility. + +** General status codes +*** NEWSIG [] + Is issued right before a signature verification starts. This is + useful to define a context for parsing ERROR status messages. + If SIGNERS_UID is given and is not "-" this is the percent-escaped + value of the OpenPGP Signer's User ID signature sub-packet. + +*** GOODSIG + The signature with the keyid is good. For each signature only one + of the codes GOODSIG, BADSIG, EXPSIG, EXPKEYSIG, REVKEYSIG or + ERRSIG will be emitted. In the past they were used as a marker + for a new signature; new code should use the NEWSIG status + instead. The username is the primary one encoded in UTF-8 and %XX + escaped. The fingerprint may be used instead of the long keyid if + it is available. This is the case with CMS and might eventually + also be available for OpenPGP. + +*** EXPSIG + The signature with the keyid is good, but the signature is + expired. The username is the primary one encoded in UTF-8 and %XX + escaped. The fingerprint may be used instead of the long keyid if + it is available. This is the case with CMS and might eventually + also be available for OpenPGP. + +*** EXPKEYSIG + The signature with the keyid is good, but the signature was made + by an expired key. The username is the primary one encoded in + UTF-8 and %XX escaped. The fingerprint may be used instead of the + long keyid if it is available. This is the case with CMS and + might eventually also be available for OpenPGP. + +*** REVKEYSIG + The signature with the keyid is good, but the signature was made + by a revoked key. The username is the primary one encoded in UTF-8 + and %XX escaped. The fingerprint may be used instead of the long + keyid if it is available. This is the case with CMS and might + eventually also beñ available for OpenPGP. + +*** BADSIG + The signature with the keyid has not been verified okay. The + username is the primary one encoded in UTF-8 and %XX escaped. The + fingerprint may be used instead of the long keyid if it is + available. This is the case with CMS and might eventually also be + available for OpenPGP. + +*** ERRSIG