Optionally turn off checking of keys.

[u/mdw/catacomb] / dsig.1

diff --git a/dsig.1 b/dsig.1
index 70a4ea8..10fe6c6 100644 (file)
--- a/dsig.1
+++ b/dsig.1
@@ -44,7 +44,7 @@ is one of:
 .RI [ item ...]
 .br
 .B sign
 .RI [ item ...]
 .br
 .B sign

-.RB [ \-0bqv ]
+.RB [ \-0bqvC ]

 .RB [ \-c
 .IR comment ]
 .RB [ \-k
 .RB [ \-c
 .IR comment ]
 .RB [ \-k


@@ -59,7 +59,7 @@ is one of:
 .IR output ]
 .br
 .B verify
 .IR output ]
 .br
 .B verify

-.RB [ \-qv ]
+.RB [ \-qvC ]

 .RI [ file ]
 .SH DESCRIPTION
 The
 .RI [ file ]
 .SH DESCRIPTION
 The


@@ -323,6 +323,11 @@ Set the signature to expire at
 The default is to expire 28 days from creation.  Use
 .B forever
 to make the signature not expire.
 The default is to expire 28 days from creation.  Use
 .B forever
 to make the signature not expire.

+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity.  This makes signing go much
+faster, but at the risk of using a duff key, and potentially leaking
+information about the private key.

 .PP
 The whitespace-separated format for filenames allows quoting and
 escaping of strange characters.  The backslash
 .PP
 The whitespace-separated format for filenames allows quoting and
 escaping of strange characters.  The backslash


@@ -360,6 +365,11 @@ Produce more informational output.  The default verbosity level is 1.
 .TP
 .B "\-q, \-\-quiet"
 Produce less information output.
 .TP
 .B "\-q, \-\-quiet"
 Produce less information output.

+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity.  This makes verification go
+much faster, but at the risk of using a duff key, and potentially
+accepting false signatures.

 .PP
 Output is written to standard output in a machine-readable format.
 Formatting errors cause the program to write a diagnostic to standard
 .PP
 Output is written to standard output in a machine-readable format.
 Formatting errors cause the program to write a diagnostic to standard