On Mar 11, 2011, at 5:08 AM, Ben McGinnes wrote: > On 11/03/11 6:50 PM, Daniel Kahn Gillmor wrote: >> On 03/11/2011 01:44 AM, Ben McGinnes wrote: >>> Ah, this is what I've been looking around for! For the sake of the >>> archives, how does one provide a non-exportable certification? >>> Obviously the export flag won't cut it. >> >> non-exportable OpenPGP certifications are also known as "local" >> certifications. >> >> To make a non-exportable OpenPGP certification, use: >> >> gpg --lsign-key fr...@example.net > > This bit I knew and have used sporadically, good to know that you were > referring to what I assumed, though. > >> To put that in a file: >> >> gpg --export-options export-local --export --armor fr...@example.net \ >>> frida.gpg >> >> Then the receiving party does: >> >> gpg --import-options import-local --import < frida.gpg > > Oh, excellent. Just one little clarification; the man page lists the > parameters as export-local-sigs and import-local-sigs, does shortening > it the way you have work or does the full option name need to be used?
As a general rule, most gpg options can be shortened, so long as they are still unique. So the real name for the option is "export-local-sigs", but "export-local" or even "export-l" is fine (and "export" would not be as gpg can't tell if you mean export-local-sigs, or export-attributes, or...) If you're documenting or scripting things, it's good practice to give the full name since you never know if we're going to add a "export-lovely-sigs" option or some such, and thus make "export-l" non unique. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
