From 484d5ec624f12220df809b63bba719105eafdb8f Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 26 Sep 2011 13:18:19 -0500 Subject: pacman-key: treat foo-trusted as an ownertrust export file This allows it to serve double-duty. In order to allow users to base verification decisions off of both a valid signature and a trusted signature, we need to assign some level of owner trust to the keys we designate as trusted on import. Signed-off-by: Dan McGee --- doc/pacman-key.8.txt | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/pacman-key.8.txt b/doc/pacman-key.8.txt index d2da480f..1582a3ca 100644 --- a/doc/pacman-key.8.txt +++ b/doc/pacman-key.8.txt @@ -118,8 +118,10 @@ PGP keyring file `foo.gpg` that contains the keys for the foo keyring in the directory +{pkgdatadir}/keyrings+. Optionally, the file `foo-trusted` can be provided containing a list of trusted -key IDs for that keyring. This file will inform the user which keys a user -needs to verify and sign to build a local web of trust. +key IDs for that keyring. This is a file in a format compatible with 'gpg +\--export-ownertrust' output. This file will inform the user which keys a user +needs to verify and sign to build a local web of trust, in addition to +assigning provided owner trust values. Also optionally, the file `foo-revoked` can be provided containing a list of revoked key IDs for that keyring. Revoked is defined as "no longer valid for -- cgit v1.2.3-70-g09d2