On Sat, 05 Jul 2008, Werner Koch wrote:
> On Fri, 4 Jul 2008 14:53, [EMAIL PROTECTED] said:
>
> > When I have a signature made by an expired key, will I get
> > {GOODSIG,EXPKEYSIG},
> > or {BADSIG,EXPKEYSIG}?
>
> Only one them:
>
> if( !rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE ) {
> KBNODE un, keyblock;
> int count=0, statno;
> char keyid_str[50];
> PKT_public_key *pk=NULL;
>
> if(rc)
> statno=STATUS_BADSIG;
> else if(sig->flags.expired)
> statno=STATUS_EXPSIG;
> else if(is_expkey)
> statno=STATUS_EXPKEYSIG;
> else if(is_revkey)
> statno=STATUS_REVKEYSIG;
> else
> statno=STATUS_GOODSIG;
>
> in addition you will get a VALIDSIG line if the signature is good. Thus
> you see {EXPKEYSIG,VALIDSIG} for a valid signature donme with an expired
> key.
DETAILS in 1.4.9 says:
| GOODSIG <long keyid> <username>
| The signature with the keyid is good. For each signature only
| one of the three codes GOODSIG, BADSIG or ERRSIG will be
| emitted and they may be used as a marker for a new signature.
So probably this ought to be updated?
Thanks,
weasel
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
