[Cryptography] ToFU +- SaFU
Werner Koch
wk at gnupg.org
Thu Apr 16 15:15:35 EDT 2015
On Thu, 16 Apr 2015 12:51, nbohm at ernest.net said:
> Are there such implementations? If not, the subtleties which rfc 4880 offers
> are somewhat theoretical.
>From the gpg man page:
--sig-policy-url string
--cert-policy-url string
--set-policy-url string
Use string as a Policy URL for signatures (rfc4880:5.2.3.20). If
you prefix it with an exclamation mark (!), the policy URL packet
will be flagged as critical. --sig-policy-url sets a policy url for
data signatures. --cert-policy-url sets a policy url for key
signatures (certifications). --set-policy-url sets both.
The same %-expandos used for notation data are available
here as well.
and
--ask-cert-level
--no-ask-cert-level
When making a key signature, prompt for a certification level. If
this option is not specified, the certification level used is set
via --default-cert-level. See --default-cert-level for information
on the specific levels and how they are used. --no-ask-cert-level
disables this option. This option defaults to no.
--default-cert-level n
[...]
--set-policy-url since 1999, --default-cert-level since 2004.
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the cryptography
mailing list