On Tue, 2 Jul 2019 10:23, gnupg-users@gnupg.org said: > Why not make "import-clean" and "import-minimal" strip key signatures > before importing a key? That would make "import-minimal" behave like
Because that contradicts what import-clean is supposed to do: After import, compact (remove all signatures except the self-signature) any user IDs from the new key that are not usable. Then, remove any signatures from the new key _that are not usable_. This includes signatures that were issued by keys that are not present on the keyring. To do this gpg needs to check whether the corresponding key exists and the verify the signature using that key. In contrast self-sigs-only removes all signature which are not self-signature right away by just comparing a 64 bit integer. > My opinion: make "keyserver-options import-clean" the default and make > it internally never import any unknown signatures. Sorry, this is a catch-22. We need the key to verify the signature. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users