On Sat, Jun 4, 2011 at 9:30 AM, Allan McRae <[email protected]> wrote: > On 02/06/11 06:50, Dan McGee wrote: >> >> On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<[email protected]> wrote: >>> >>> ^^^ You deleted the blank line between the patch subject and the >>> summary text, which makes it do what it did. You'll want to put that >>> back. >>> >>> On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<[email protected]> >>> wrote: >>> >>> So I don't find VerifySig any more appitizing, other than matching the >>> option name we came up with. I was leaning in my head when I wrote up >>> this TODO toward something like GPGLevel, SigLevel, etc. I also think >>> we may need to be a bit more granular than our current >>> Always/Optional/Never trifecta. We have a multitude of possibilities >>> when checking a signature: >>> >>> * Valid signature, fully trusted (or ultimate, >>> (GPGME_VALIDITY_{ULTIMATE, FULL}). >>> >>> * Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, >>> GPGME_SIGSUM_KEY_MISSING). >>> * Valid signature, trust somewhere in between (marginal, >>> GPGME_VALIDITY_MARGINAL). >>> >>> * Valid signature, user is never valid (GPGME_VALIDITY_NEVER) >>> * Valid signature, signature is however expired >>> (GPGME_SIGSUM_SIG_EXPIRED) >>> * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) >>> * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED) >>> >>> Thoughts from anyone else on the naming, as well as what to do as far >>> as expanded options? I've divided it above into roughly 3 categories, >>> of which the top would always be acceptable, the bottom would never, >>> and the middle could be a switchable option. I'm envisioning something >>> like: >>> >>> SigLevel = Always AllowUnknown >>> >>> [core] >>> SigLevel = Always >>> >>> [otherrepo] >>> SigLevel = Optional AllowUnknown >> >> I should also add that the ability to have a signed database without >> signed packages could be done this same way; e.g. "SigLevel = >> NoPackages" or something (maybe even a corresponding "NoDatabase"). >> > > That sort of naming scheme sounds fine to me. > > How about CheckLevel rather than SigLevel as it is the level of the checking > that is being done once you add options like "NoPackages"? Sounds good to me.
> Anyway, we can bikeshed the name later! But this might actually be a case > where setting up a wiki page to hash out the configuration format and > options could be useful. At least I think it would be helpful to have this > written down somewhere so I can get it all straight in my head and it could > be used as the basis of the man page later. Agreed. Although as far as setting up a wiki page we should probably first winnow down the multiple ones into one master page so it is a bit more clear where we are and where we are going as a team (and not thoughts from two years ago). I'll see if I can tackle this task in the next day or two as my current round of patches bake a bit on the ML. -Dan
