On Tue, Sep 22, 2009 at 11:19 AM, Werner Koch <[email protected]> wrote: > On Tue, 22 Sep 2009 16:26, [email protected] said: >> Just a quick question on the --status-fd output from a --verify >> operation: if EXPSIG, EXPKEYSIG, or REVKEYSIG are given, could >> VALIDSIG or GOODSIG also show up? In other words, are these just for > > It depends. EXPKEYSIG for example may come in addition to VALIDSIG. > VALIDSIG is the modern version of GOODSIG. Except for the description > in doc/DETAILS we don't have a more specific description (it is on our > task list, though). > > The best way to see what you can expect is to look at the gpgme code. > gpgme/src/verify.c computes the validity of signatures. Processing the > NEWSIG status line is in general a good idea so that you don't mix the > status lines given for different signatures. > > > Salam-Shalom, > > Werner > > > -- > Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. > >
Thanks for the response. So EXPKEYSIG doesn't mean the key was expired when the signature was made, right? If that shows up along with VALIDSIG, it's ok to trust the signature, correct? What about REVKEYSIG? If a key is revoked, is there an easy way to know if the signature was made prior to revocation, or would it be necessary to just compare the stamps on the signature and the revocation? Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
