On Sun, May 1, 2011 at 1:54 PM, zirconium <[email protected]> wrote: > Hi > > Is there a way to display hash algorithms along with public key > algoritms (and its lenght) of signatures when issuing "--check-sigs" > (or check in the "--edit-key" shell)? > > I also would like to know if there is a way to force that GPG will not > accept signatures made with a certain hash or public key algorithms, > when calculating validity of keys trough web of trust? In the case of > public key it should be possible to specify key length. > > > I didnt have luck finding answers to my questions in documentation, > only a partial solution to my second question: > > There is an option "disable-pubkey-algo" that will totally disable > choosen public key algoritm, however it only works after doing > --check-trustdb with that option, otherwise it still accepts key > signatures (certifications) made with disabled algorithm, as a valid > signatures (for example when calculating key validity, or when doing > "--check-sigs"). It can create problems when changing from > "trust-model pgp" to "trust-model direct", beacuse as GPG says, there > is "no need for a trustdb check with `direct' trust model". But is > that really true that that there is no need for trustdb check? Im not > sure, but GPG doesnt allow that. > > So while "disable-pubkey-algo" can be used to disable signatures made > with certain public key algorithm when calculating validity of keys > trough web of trust, there is no way to specify key length. Also there > is no such option for hash algorithms. No "disable-hash-algo" or > "disable-cert-digest-algo" or anything like that. > > > > Could you point me to specific portions of documentation? > Thanks for help >
Anyone willing to help? Please answer. Thanks _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
