On Sat, Jun 4, 2011 at 9:30 AM, Allan McRae <allan@archlinux.org> wrote:
On 02/06/11 06:50, Dan McGee wrote:
On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<dpmcgee@gmail.com> wrote:
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back.
On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail@kerrickstaley.com> wrote:
So I don't find VerifySig any more appitizing, other than matching the option name we came up with. I was leaning in my head when I wrote up this TODO toward something like GPGLevel, SigLevel, etc. I also think we may need to be a bit more granular than our current Always/Optional/Never trifecta. We have a multitude of possibilities when checking a signature:
* Valid signature, fully trusted (or ultimate, (GPGME_VALIDITY_{ULTIMATE, FULL}).
* Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, GPGME_SIGSUM_KEY_MISSING). * Valid signature, trust somewhere in between (marginal, GPGME_VALIDITY_MARGINAL).
* Valid signature, user is never valid (GPGME_VALIDITY_NEVER) * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED) * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
Thoughts from anyone else on the naming, as well as what to do as far as expanded options? I've divided it above into roughly 3 categories, of which the top would always be acceptable, the bottom would never, and the middle could be a switchable option. I'm envisioning something like:
SigLevel = Always AllowUnknown
[core] SigLevel = Always
[otherrepo] SigLevel = Optional AllowUnknown
I should also add that the ability to have a signed database without signed packages could be done this same way; e.g. "SigLevel = NoPackages" or something (maybe even a corresponding "NoDatabase").
That sort of naming scheme sounds fine to me.
How about CheckLevel rather than SigLevel as it is the level of the checking that is being done once you add options like "NoPackages"? Sounds good to me.
Anyway, we can bikeshed the name later! But this might actually be a case where setting up a wiki page to hash out the configuration format and options could be useful. At least I think it would be helpful to have this written down somewhere so I can get it all straight in my head and it could be used as the basis of the man page later. Agreed. Although as far as setting up a wiki page we should probably first winnow down the multiple ones into one master page so it is a bit more clear where we are and where we are going as a team (and not thoughts from two years ago). I'll see if I can tackle this task in the next day or two as my current round of patches bake a bit on the ML.
-Dan