diff options
| author | David Shaw <dshaw@jabberwocky.com> | 2003-05-04 19:05:04 +0200 |
|---|---|---|
| committer | David Shaw <dshaw@jabberwocky.com> | 2003-05-04 19:05:04 +0200 |
| commit | 4b256be065831dafa2704ba9e40a0cf27b650ea1 (patch) | |
| tree | 7a6410fbd38a009365c9d3c7e663d5c8f6d56f63 /doc/gpg.sgml | |
| parent | * packet.h, build-packet.c (build_sig_subpkt), export.c (diff) | |
| download | gnupg2-4b256be065831dafa2704ba9e40a0cf27b650ea1.tar.xz gnupg2-4b256be065831dafa2704ba9e40a0cf27b650ea1.zip | |
* gpg.sgml: Some general language tweaks. Note default algo for
--symmetric. --export-ownertrust takes no args. Document
--no-escape-from-lines. Fix escaped "<From" to be ">From". Make
"openpgp" trust model into "pgp".
Diffstat (limited to 'doc/gpg.sgml')
| -rw-r--r-- | doc/gpg.sgml | 79 |
1 files changed, 41 insertions, 38 deletions
diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 1989c572a..6dce396d8 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -125,10 +125,12 @@ Encrypt data. This option may be combined with --sign. <varlistentry> <term>-c, --symmetric</term> <listitem><para> -Encrypt with symmetric cipher only. -This command asks for a passphrase. +Encrypt with a symmetric cipher using a passphrase. The default +symmetric cipher used is CAST5, but may be chosen with the +--cipher-algo option. </para></listitem></varlistentry> + <varlistentry> <term>--store</term> <listitem><para> @@ -628,37 +630,38 @@ Option --keyserver must be used to give the name of this keyserver. <varlistentry> <term>--update-trustdb</term> <listitem><para> -Do trust DB maintenance. This command goes over all keys and builds -the Web-of-Trust. This is an interactive command because it may has to -ask for the "ownertrust" values of keys. The user has to give an -estimation in how far she trusts the owner of the displayed key to -correctly certify (sign) other keys. It does only ask for that value -if it has not yet been assigned to a key. Using the edit menu, that -value can be changed at any time later. +Do trust database maintenance. This command iterates over all keys +and builds the Web-of-Trust. This is an interactive command because it +may have to ask for the "ownertrust" values for keys. The user has to +give an estimation of how far she trusts the owner of the displayed +key to correctly certify (sign) other keys. GnuPG only asks for the +ownertrust value if it has not yet been assigned to a key. Using the +--edit-key menu, the assigned value can be changed at any time. </para></listitem></varlistentry> <varlistentry> <term>--check-trustdb</term> <listitem><para> -Do trust DB maintenance without user interaction. Form time to time -the trust database must be updated so that expired keys and resulting -changes in the Web-of-Trust can be tracked. GnuPG tries to figure -when this is required and then does it implicitly; this command can be -used to force such a check. The processing is identically to that of ---update-trustdb but it skips keys with a not yet defined "ownertrust". +Do trust database maintenance without user interaction. From time to +time the trust database must be updated so that expired keys or +signatures and the resulting changes in the Web-of-Trust can be +tracked. Normally, GnuPG will calculate when this is required and do +it automatically unless --no-auto-check-trustdb is set. This command +can be used to force a trust database check at any time. The +processing is identical to that of --update-trustdb but it skips keys +with a not yet defined "ownertrust". </para> <para> For use with cron jobs, this command can be used together with --batch -in which case the check is only done when it is due. To force a run -even in batch mode add the option --yes. +in which case the trust database check is done only if a check is +needed. To force a run even in batch mode add the option --yes. </para></listitem></varlistentry> <varlistentry> -<term>--export-ownertrust &OptParmFile;</term> +<term>--export-ownertrust</term> <listitem><para> -Store the ownertrust values into -&ParmFile; (or stdin if not given). This is useful for backup +Send the ownertrust values to stdout. This is useful for backup purposes as these values are the only ones which can't be re-created from a corrupted trust DB. </para></listitem></varlistentry> @@ -726,12 +729,10 @@ Print warranty information. <varlistentry> <term>-h, --help</term> <listitem><para> -Print usage information. This is a really long list even though it doesn't list -all options. +Print usage information. This is a really long list even though it +doesn't list all options. For every option, consult this manual. </para></listitem></varlistentry> - - </variablelist> </refsect1> @@ -744,7 +745,8 @@ Long options can be put in an options file (default not write the 2 dashes, but simply the name of the option and any required arguments. Lines with a hash ('#') as the first non-white-space character are ignored. Commands may be put in this -file too, but that does not make sense. +file too, but that is not generally useful as the command will execute +automatically with every execution of gpg. </para> <para> <command/gpg/ recognizes these options: @@ -899,9 +901,9 @@ compression level of zlib (normally 6). <listitem><para> Use canonical text mode. --no-textmode disables this option. If -t (but not --textmode) is used together with armoring and signing, this -enables clearsigned messages. This kludge is needed for PGP -compatibility; normally you would use --sign or --clearsign to -selected the type of the signature. +enables clearsigned messages. This kludge is needed for command-line +compatibility with command-line versions of PGP; normally you would +use --sign or --clearsign to select the type of the signature. </para></listitem></varlistentry> @@ -996,14 +998,14 @@ recipient's or signator's key. </para></listitem></varlistentry> <varlistentry> -<term>--trust-model <parameter>openpgp|classic|always</parameter></term> +<term>--trust-model <parameter>pgp|classic|always</parameter></term> <listitem><para> Set what trust model GnuPG should follow. The models are: <variablelist> -<varlistentry><term>openpgp</term><listitem><para> +<varlistentry><term>pgp</term><listitem><para> This is the web-of-trust combined with trust signatures as used in PGP 5.x and later. This is the default trust model. </para></listitem></varlistentry> @@ -1727,12 +1729,13 @@ line tells GnuPG about this cleartext signature option. <varlistentry> <term>--escape-from-lines</term> +<term>--no-escape-from-lines</term> <listitem><para> -Because some mailers change lines starting with "From " -to "<From " it is good to handle such lines in a special -way when creating cleartext signatures. All other PGP -versions do it this way too. This option is not enabled -by default because it would violate rfc2440. +Because some mailers change lines starting with "From " to ">From +" it is good to handle such lines in a special way when creating +cleartext signatures to prevent the mail system from breaking the +signature. Note that all other PGP versions do it this way too. +Enabled by default. --no-escape-from-lines disables this option. </para></listitem></varlistentry> @@ -1995,7 +1998,7 @@ Suppress the warning about "using insecure memory". <term>--no-permission-warning</term> <listitem><para> Suppress the warning about unsafe file permissions. Note that the -file permission checks that GnuPG does are not intended to be +file permission checks that GnuPG performs are not intended to be authoritative, rather they simply warn about certain common permission problems. Do not assume that the lack of a warning means that your system is secure. @@ -2262,8 +2265,8 @@ menu. <refsect1> <title>How to specify a user ID</title> <para> -There are different ways on how to specify a user ID to GnuPG; -here are some examples: +There are different ways to specify a user ID to GnuPG; here are some +examples: </para> <variablelist> |