author | Werner Koch <wk@gnupg.org> | 2024-11-22 13:44:43 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2024-11-22 13:44:43 +0100 |
commit | f0bca16ad3bd2a164bc93d56870be1a094fe3b71 (patch) | |
tree | 6a5b99e3af731f869b4a6ae3f241e7fbcc9f0b77 /doc/gpgsm.texi | |
parent | scd: No hard lock-up when apdu_connect never returns. (diff) | |
doc: Explain that qualified.txt is a legacy method.
--
Diffstat (limited to '')
-rw-r--r-- | doc/gpgsm.texi | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 2cb50539a..dd0daf642 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -966,16 +966,20 @@ like this: @item qualified.txt @efindex qualified.txt -This is the list of root certificates used for qualified certificates. -They are defined as certificates capable of creating legally binding -signatures in the same way as handwritten signatures are. Comments -start with a hash mark and empty lines are ignored. Lines do have a -length limit but this is not a serious limitation as the format of the -entries is fixed and checked by @command{gpgsm}: A non-comment line starts with -optional whitespace, followed by exactly 40 hex characters, white space -and a lowercased 2 letter country code. Additional data delimited with -by a white space is current ignored but might late be used for other -purposes. +This is the legacy method to mark root certificates as usable for +qualified certificates. Qualified certificates are capable of +creating legally binding signatures in the same way as handwritten +signatures. The modern method to mark such root certificates is to +use the "qual" flag in the system trustlist.txt; see the gpg-agent man +page for details. + +Comments int his file start with a hash mark and empty lines are +ignored. Lines do have a length limit but this is not a serious +limitation as the format of the entries is fixed and checked by +@command{gpgsm}: A non-comment line starts with optional whitespace, +followed by exactly 40 hex characters, white space and a lowercased 2 +letter country code. Additional data delimited with by a white space +is current ignored but might late be used for other purposes. Note that even if a certificate is listed in this file, this does not mean that the certificate is trusted; in general the certificates listed |
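Review bot: The second added paragraph opens with "Comments int his file start", which should read "Comments in this file start". Since that paragraph is being re-flowed anyway, the wording carried over from the removed lines could be fixed in the same change: "delimited with by a white space is current ignored but might late be used" should be "delimited by white space is currently ignored but might later be used". In the first added paragraph the file name and flag are plain text ("the "qual" flag in the system trustlist.txt"), while the rest of this hunk uses Texinfo markup such as @command{gpgsm}; consider @file{trustlist.txt} and @code{qual}, and @command{gpg-agent} or a cross reference in place of "see the gpg-agent man page", so that the pointer also works in the Info and HTML output. It would also help readers to state what happens when a root certificate is marked by both methods or only by the legacy file, because the new text says which method is modern but not how the two interact.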