On 03/03/2017 06:04 PM, Gerd v. Egidy wrote:
> When reading the gpg2 manpage on return codes:
One quick observation, if using this in automated way and return code
matters, you likely want to check out "gpgv", otherwise you should be
parsing --status-fd output for more details
--
---
Hi Kristian,
On Friday, 03 March 2017 18:11:04 CET Kristian Fiskerstrand wrote:
> On 03/03/2017 06:04 PM, Gerd v. Egidy wrote:
> > When reading the gpg2 manpage on return codes:
> One quick observation, if using this in automated way and return code
> matters, you likely want to check out "gpgv",
Hi Robert,
> > I think it should return 1 in this case. But I get 2. Why?
>
> Because there were no bad signatures. A signature which cannot be
> verified is neither good nor bad, it just is.
ok.
> The alternative would be for GnuPG to return a bad signature literally
> *whenever* it had no pu
> I think it should return 1 in this case. But I get 2. Why?
Because there were no bad signatures. A signature which cannot be
verified is neither good nor bad, it just is.
The alternative would be for GnuPG to return a bad signature literally
*whenever* it had no public key with which to verify
Hi,
I have a scenario where a signature on a file should be checked. The file is
signed by several keys and for this scenario it is ok if at least one is
correct. In some cases it can happen that the system doing the check does not
have access to all public keys that are used for signing.
When re