tech-userlevel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/usr.bin/nbsvtool
On Mon, Jul 14, 2008 at 10:10:27PM +0200, Dieter Baron wrote:
> In article <20080714191059.GA5088%britannica.bec.de@localhost> Joerg wrote:
> : On Mon, Jul 14, 2008 at 08:55:45PM +0200, Dieter Baron wrote:
> : > attached is an updated version of the man page, please review.
>
> : I'm considering to add a second argument for the sign command and
> : default to ${file}.sp7 otherwise. That would be consistent with verify.
> : Opinions?
>
> I would rahter specify the signature file as an option (-o or -s),
> for both sign and verify. That way, we could specify more than one
> file to sign/verify (with the default signature file name).
For verify you can already do that. The second argument is optional.
The question is if sign should behave the same :)
> : > - What is trusted if no trust anchor is given?
>
> : Nothing.
>
> So is there any way for verify to succeed without a trust anchor?
That is right.
> Otherwise, -a is required for verify to make sense (and that should be
> noted in the man page, and probably enforced by the code).
Well, in the longer term we should have a default trust anchor. I did
not include that part from the original code from Love as needs a
decision where it should be, it needs care to not be changed randomly
etc. I think documenting it as such in the man page is the best approach
for now.
Joerg
Home |
Main Index |
Thread Index |
Old Index