[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Wed, 06 Mar 2019 22:38:02 -0500
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
The relevant section of the GPG manual says:
Trust values are used to indicate ownertrust and validity of keys
user IDs. They are displayed with letters or strings:
- unknown No ownertrust assigned / not yet calculated.
Trust calculation has failed; probably due to an expired key.
q undefined, undef Not enough information for calculation.
n never Never trust this key.
m marginal Marginally trusted.
f full Fully trusted.
u ultimate Ultimately trusted.
r revoked For validity only: the key or the user ID has
? err The program encountered an unknown trust value.
Thanks for finding that. I would not have had an easy time finding it
> +This will display a list of keys with their validity status,
> +keyid, and associated name. See 'TRUST VALUES' in the gpg
That is too vague to be helpful. It tells the reader to search for
some other publication, and doesn't even say precisely what
publication or what its name is -- let alone where to look.
I don't think I could have got anywhere from it.
I think we should include a cleaned-up and clarified version of this
table in those two commands' doc strings.
But we need to fill in some gaps. From that text, it is not clear
what q means. Also, it is oriented towards answering the question
"what does the trust calculation do with this key" rather than "what
is the status of this key".
GNU documentation should try to be _helpful_ and present material in
terms of what the user wants to know.
Attempting to convert the list above into practical meanings for
a user, here's my draft for an improved table.
e key has expired
r Key has been revoked.
How much trust to put in signatures of other keys by this one:
m marginal trust
f full trust (for instance, you signed this key)
u ultimate trust
[I don't entirely understand those. I do not understand GPG's trust
facilities, I don't want to learn to understand them; what I really
want to know is whether I signed that key. How can I tell that?]
? inconsistency in key ring trust data
q some other strange case
[What does that really mean? How does q differ from hyphen?]
Can anyone clear up the unclear points?
Dr Richard Stallman
President, Free Software Foundation (https://gnu.org, https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
- bug#34726: epa-insert-keys, Richard Stallman, 2019/03/03
- bug#34726: epa-insert-keys, Eli Zaretskii, 2019/03/05
- bug#34726: epa-insert-keys, Richard Stallman, 2019/03/05
- bug#34726: epa-insert-keys, Robert Pluim, 2019/03/06
- bug#34726: epa-insert-keys,
Richard Stallman <=
- bug#34726: epa-insert-keys, Robert Pluim, 2019/03/07
- bug#34726: epa-insert-keys, Richard Stallman, 2019/03/07
- bug#34726: epa-insert-keys, Eli Zaretskii, 2019/03/08
- bug#34726: epa-insert-keys, Richard Stallman, 2019/03/08