On 18/01/17 15:39, Damien Goutte-Gattat wrote: > > I believe there's a bug in the handling of the regular expression > associated with a trust signature. I've just submitted a patch to fix it > [1]. With that patch applied, I get the expected result for step 10 > (Blake's key is fully valid, not the others') and step 14 (Blake's key > is fully valid, and so are Chloe's and David's keys).
thanks for that. I thought I was going mad! I will look out for an update that contains your patch... > > For step 16, none of the keys are valid, but I think that's the expected > behavior: you signed Introducer with a level 2 trust signature > restricted to example.es, so the signature of Blake's key (which as an > example.org UID) is rightly ignored. Blake's key is thus of unknown > validity and his signatures on Chloe's and David's keys are ignored as > well. I agree, I added that test because I wondered if I had misunderstood how it ought to work. > > (Side note: you can use the '%transient-key' directive when > batch-generating keys for testing purposes. This instructs GnuPG to use > a less secure but faster random number generator, thus speeding up the > generation process.) > I don't know how I missed that... right below %no-protection which I did use :) much appreciated your fast response to my query. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
