[PATCH] display trust info for "good" GPG siignatures

Hi all,

attached is a patch against today's cvs which improves the display of 
successfully checked signatures, taking the key's "validity" and "trust" 
fields into account.

When a signature is "good" (i.e. the message has actually been signed by 
the signature's owner), this does not necessarily mean that you should 
really trust this message (read: the signature's owner). The "validity" 
and "owner trust" fields of the signer's key are used to distinguish 
between trustworthy and questionable keys: if both the validity and the 
owner trust of a key are at least marginal, a green padlock will be shown, 
and yellow one otherwise. A message with a bad signature still gets a red 
lock. In the message index, if a message contains more than one signature, 
the lock will show the worst status (see example image below).

Additionally, the "owner trust" field is now shown in the application/pgp-
signature part and in OpenPGP messages.


Cheers, Albrecht.

  Albrecht Dreß  -  Johanna-Kirchner-Straße 13  -  D-53123 Bonn (Germany)
        Phone (+49) 228 6199571  -  mailto:albrecht.dress@arcor.de



PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]