Am 29 Oct 2005 um 2:25 hat Henry Hertz Hobbit geschrieben: > On 27 Oct 2005 Dirk Traulsen wrote: > ----snip---- > > So here is my feature request: Please make an option to delete > > signatures, for which there is no corresponding signing key on > > the local keyring. ----snip---- > > I hope I am misunderstanding this. I think I am. > > I have a little bit of a problem with this. First, I am NOT part of > the WOT and never will be (look at my name and you will see why). > Second, I have precious few public keys on my key ring, and Werner is > one of them. You should all of those pretty "[User ID not found]" > after all of those sigs. Thank goodness I am NOT part of the WOT. If > I was (part of the WOT) and cleaned out all of those signatures on his > key, signed it, and uploaded it to one of the keyservers so it > reflected he had another signee, what would happen to the ones that > were cleaned out? I am sure that most if not all of them are > legitimate signatures. > > Like I said, I am pretty sure I am misunderstanding what you are > doing.
Yes, you do! This does not effect the keys on the keyservers! The keyservers always only add or merge the keys they are sent. This means, if there is already a key with that ID, they take the sent key apart and add the new parts (if there are any). 'clean total' would have absolutely no effect on the keyservers or the WoT. The proposal is about all those [User ID not found] in the keys in your LOCAL keyring. My proposal would only have an effect on the keyringsize on your storage media. Even in my really small keyring, there are several thousand of unused signatures. Can you imaging the effect on local keyrings with hundreds of keys? Because you don't have the corresponding signing key in your local keyring, gpg cannot verify them, so these signatures are not useful for you. (With the exception, that you have a visual hint that there are more signatures on the keyservers.) This cleaning effect only lasts until the next '--refresh-keys', where you always get the complete keys with all signatures from the keyserver. If you had put the proposed option 'clean total' in your keyserver-options or import-options, then like 'clean' today, gpg would first import the complete key and after checking which signatures are still not usable, automatically clean the keys again. I obviously think this to be a good thing to have, but I'm a little discouraged by the nearly total lack of interest of the list. I would really appreciate a discussion of the proposed feature and change of the man-page. Please write if you think that it's a waste of time or preferably that you would like to have this feature. Dirk _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
