1 From: Werner Koch <wk@gnupg.org>
2 Date: Wed, 8 Mar 2017 10:46:09 +0100
3 Subject: doc: Add a note to the trust model direct.
5 * doc/gpg.texi (GPG Configuration Options): Add note. Chnage Index
6 from trust-mode:foo to trust-model:foo.
8 (cherry picked from commit f0257b4a86b73f5b956028e68590b6d2a23ea4da)
10 doc/gpg.texi | 20 ++++++++++++--------
11 1 file changed, 12 insertions(+), 8 deletions(-)
13 diff --git a/doc/gpg.texi b/doc/gpg.texi
14 index 3b82b44..d658737 100644
17 @@ -1600,17 +1600,17 @@ Set what trust model GnuPG should follow. The models are:
21 - @opindex trust-mode:pgp
22 + @opindex trust-model:pgp
23 This is the Web of Trust combined with trust signatures as used in PGP
24 5.x and later. This is the default trust model when creating a new
28 - @opindex trust-mode:classic
29 + @opindex trust-model:classic
30 This is the standard Web of Trust as introduced by PGP 2.
33 - @opindex trust-mode:tofu
34 + @opindex trust-model:tofu
35 @anchor{trust-model-tofu}
36 TOFU stands for Trust On First Use. In this trust model, the first
37 time a key is seen, it is memorized. If later another key is seen
38 @@ -1656,7 +1656,7 @@ Set what trust model GnuPG should follow. The models are:
39 @code{undefined} trust level is returned.
42 - @opindex trust-mode:tofu+pgp
43 + @opindex trust-model:tofu+pgp
44 This trust model combines TOFU with the Web of Trust. This is done
45 by computing the trust level for each model and then taking the
46 maximum trust level where the trust levels are ordered as follows:
47 @@ -1669,12 +1669,16 @@ Set what trust model GnuPG should follow. The models are:
48 which some security-conscious users don't like.
51 - @opindex trust-mode:direct
52 + @opindex trust-model:direct
53 Key validity is set directly by the user and not calculated via the
55 + Web of Trust. This model is soley based on the key and does
56 + not distinguish user IDs. Note that when changing to another trust
57 + model the trust values assigned to a key are transformed into
58 + ownertrust values, which also indicate how you trust the owner of
59 + the key to sign other keys.
62 - @opindex trust-mode:always
63 + @opindex trust-model:always
64 Skip key validation and assume that used keys are always fully
65 valid. You generally won't use this unless you are using some
66 external validation scheme. This option also suppresses the
67 @@ -1684,7 +1688,7 @@ Set what trust model GnuPG should follow. The models are:
71 - @opindex trust-mode:auto
72 + @opindex trust-model:auto
73 Select the trust model depending on whatever the internal trust
74 database says. This is the default model if such a database already