Re: [PATCH 1/1] verify-tag/verify-commit should exit unsuccessfully when signature is not trusted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Santiago Torres <santiago@xxxxxxx> writes:

> Now that I think about it though, verify tag can verify more than one
> tag. I assume that this would make it difficult to propagate individual
> errors in trusting. I honestly don't know what's the best way to modify
> this behavior then.

I am not sure if changing the behaviour is warranted to begin with.
Especially when somebody wants to get more than a single bit.  I
think our single bit signals "does signature compute correctly?"
without taking "how much trust do we place in that particular key?"
into account.  As Brian mentioned in an earlier response, those who
want to take different factors like the level of trust etc. into
account can read from "--raw", using the exit code only for "does
signature compute correctly?" and nothing else.  That would allow
them to perform any validation underlying GNUPG let them to do.






[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux