Michael J Gruber <g...@drmicha.warpmail.net> writes:
>> Then currently %G? results in `N', the same as an unsigned commit.
>> In this case, could %G? please result in a new character? Perhaps `M'
>> for "missing public key"?
> Yes, and no.
> Really, there are many different reasons why a signature couldn't be
> checked, but gpg itself has these status results:
> "For each signature only one of the three codes GOODSIG, BADSIG or
> ERRSIG will be emitted" (doc/DETAILS in gpg's source).
I see. It seems in GPG2 that got expanded to:
"For each signature only one of the codes GOODSIG, BADSIG, EXPSIG,
EXPKEYSIG, REVKEYSIG or ERRSIG will be emitted."
I don't suppose it's worthwhile to support the others? I'm not sure how
important the rest are.
> ERRSIG comes with additional info (RC) that could be parsed for the reason.
> Also, in addition to that line, there can be other lines with additional
> information. So there is a lot that could potentially be shown (and *is*
> shown with %GG). In the GOODSIG case, we parse the TRUST info to take
> the trust model into account (and return U for untrusted good).
> I wouldn't mind adding E to %G? in the ERRSIG case, even though one has
> to look at %GG in any case (N or E) if one wants to have more details.
That would be great. As long as %G? can tell between a signed but
uncheckable commit and an unsigned commit, then it's good for me.