[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#34726: epa-insert-keys

From: Richard Stallman
Subject: bug#34726: epa-insert-keys
Date: Wed, 06 Mar 2019 22:38:02 -0500

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

     The relevant section of the GPG manual says:

           Trust  values  are used to indicate ownertrust and validity of keys 
           user IDs.  They are displayed with letters or strings:

           -      unknown No ownertrust assigned / not yet calculated.

           e      expired

                  Trust calculation has failed; probably due to an expired key.

           q      undefined, undef Not enough information for calculation.

           n      never Never trust this key.

           m      marginal Marginally trusted.

           f      full Fully trusted.

           u      ultimate Ultimately trusted.

           r      revoked For validity only: the key  or  the  user  ID  has  

           ?      err The program encountered an unknown trust value.

Thanks for finding that.  I would not have had an easy time finding it

  > +This will display a list of keys with their validity status,
  > +keyid, and associated name.  See 'TRUST VALUES' in the gpg
  > +documentation 

That is too vague to be helpful.  It tells the reader to search for
some other publication, and doesn't even say precisely what
publication or what its name is -- let alone where to look.

I don't think I could have got anywhere from it.

I think we should include a cleaned-up and clarified version of this
table in those two commands' doc strings.

But we need to fill in some gaps.  From that text, it is not clear
what q means.  Also, it is oriented towards answering the question
"what does the trust calculation do with this key" rather than "what
is the status of this key".

GNU documentation should try to be _helpful_ and present material in
terms of what the user wants to know.

Attempting to convert the list above into practical meanings for
a user, here's my draft for an improved table.

           e      key has expired
           r      Key has been revoked.

           How much trust to put in signatures of other keys by this one:
           n      none
           m      marginal trust
           f      full trust (for instance, you signed this key)
           u      ultimate trust

[I don't entirely understand those.  I do not understand GPG's trust
facilities, I don't want to learn to understand them; what I really
want to know is whether I signed that key.  How can I tell that?]

           ?      inconsistency in key ring trust data
           q      some other strange case

[What does that really mean?  How does q differ from hyphen?]

Can anyone clear up the unclear points?

Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]