On 16.09.15 01:15, Jacob L Anawalt wrote:
(...)

> My observation with my keyring has been that "Display invalid keys"
> only hides revoked and expired keys from my list. It may do more than
> that for a keyring with keys in more states than mine. Like your
> experience, I still have a lot of keys with "-" or "unknown" in the
> Key Validity column with that filter turned off.

Keys with validity hidden when "Display invalid keys" is unchecked:

  'i':invalid
  'e':expired
  'r':revoked
  'D':disabled

> (...)

> Viewing a sampling of the keys using gpg, the "stuck" ones that say
> "unknown" in the Owner Trust column of Enigmail say "trust: undefined"
> in the gpg output. The key I have set to trusted in Enigmail says
> "trust: full" in gpg. My default key that says ultimate in Enigmail
> says "trust: ultimate" in gpg. The rest of the keys that show "-" in
> Enigmail say "trust: unknown" in gpg:
> 
> Owner Trust mapping
> Enigmail  GnuPG      trust value
> ultimate  ultimate    6
> trusted   full        5
> marginal  marginal    4
> untrusted never       3
> unknown   undefined   2
> -         unknown     <missing>

Thanks for looking this up!

> I got the trust values from gpg --export-ownertrust. The entries that
> show up as "-" in Enigmail and "unknown" in GnuPG don't export. I
> expect this is because an ownertrust was never assigned to those keys.
> Keys in that state stay out of the trusted keys list, but once
> assigned via Enigmail or gpg to a trust value of 2, 4, 5, or 6 they
> show up in the list.
> 
> I think that a key with a trust value of 2 should not be in the list,
> just like ones without a trust value assignment and the ones with
> trust value of 3.

Enigmail does not use --export-ownertrust; instead it uses
--list-keys and --with-colons. The documentation of all output is in
doc/DETAILS of the GnuPG source code, which for "Ownertrust" is quite fuzzy
compared with the rest.

Enigmail should hide the following codes if "Display untrusted keys" is
unchecked:

- / Unknown (i.e. no value assigned)
n / Untrusted

I think we should hide both "unknown"/"undefined" and
"untrusted"/"never". I don't think we should change the labelling before
the OpenPGP summit comes up with a new unified language.

Ludwig
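
The two filters discussed in this message, applied to `gpg --list-keys --with-colons` output, as an added example that is not Enigmail's own code. The function names and the `hideUndefined` option are hypothetical; the field positions, the letter `q` for "undefined" owner trust and the `D` capability flag for disabled keys are assumptions taken from GnuPG's colon-listing format, and the sample keys are constructed.

```javascript
// Constructed sample of `gpg --list-keys --with-colons` output (not real keys).
const SAMPLE = [
  "pub:u:2048:1:AAAAAAAAAAAAAAA1:1400000000:::u:Own Key <me@example.org>::scESC:",
  "pub:f:2048:1:AAAAAAAAAAAAAAA2:1400000000:::f:Trusted <t@example.org>::scESC:",
  "pub:-:2048:1:AAAAAAAAAAAAAAA3:1400000000:::-:Never Assigned <n@example.org>::scESC:",
  "pub:-:2048:1:AAAAAAAAAAAAAAA4:1400000000:::q:Undefined <q@example.org>::scESC:",
  "pub:-:2048:1:AAAAAAAAAAAAAAA5:1400000000:::n:Untrusted <u@example.org>::scESC:",
  "pub:e:2048:1:AAAAAAAAAAAAAAA6:1300000000:1350000000::m:Expired <e@example.org>::sc:",
  "pub:r:2048:1:AAAAAAAAAAAAAAA7:1400000000:::-:Revoked <r@example.org>::sc:",
  "pub:f:2048:1:AAAAAAAAAAAAAAA8:1400000000:::m:Disabled <d@example.org>::scESCD:",
].join("\n");

// Parse primary-key records. Assumed layout (1-based fields): 2 = validity,
// 5 = key ID, 9 = owner trust, 10 = user ID, 12 = capabilities.
function parseKeys(listing) {
  return listing
    .split("\n")
    .map((line) => line.split(":"))
    .filter((f) => f[0] === "pub")
    .map((f) => ({
      keyId: f[4],
      // Only the first letter is significant; more data may follow it.
      validity: (f[1] || "-").charAt(0),
      ownerTrust: (f[8] || "-").charAt(0),
      disabled: (f[11] || "").includes("D"),
      userId: f[9] || "",
    }));
}

// Validity codes hidden when "Display invalid keys" is unchecked ('D' is
// handled through the disabled flag).
const INVALID = new Set(["i", "e", "r"]);

// opts.showInvalid / opts.showUntrusted mirror the two checkboxes.
// opts.hideUndefined (hypothetical) also treats owner trust 'q' as untrusted,
// which is the change proposed in the thread.
function visibleKeys(keys, opts) {
  const untrusted = new Set(["-", "n"]);
  if (opts.hideUndefined) untrusted.add("q");
  return keys.filter((k) => {
    if (!opts.showInvalid && (INVALID.has(k.validity) || k.disabled)) return false;
    if (!opts.showUntrusted && untrusted.has(k.ownerTrust)) return false;
    return true;
  });
}
```
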
