new function to export signatures from core to sphere keyrings. this

is so that the sphere does not have to read the core pubring to get
the certifier ltsigs, and we can therefore keep tighter permissions on
the core keyring files.  updated some comments/documentation as well.

1 files changed, 4 insertions, 4 deletions

diff --git a/src/share/ma/remove_certifier b/src/share/ma/remove_certifier
index 560281d..1164162 100644
--- a/src/share/ma/remove_certifier
+++ b/src/share/ma/remove_certifier
@@ -32,16 +32,16 @@ else
     failure
 fi
 
-# delete the requested key
+# delete the requested key from the sphere keyring
+# FIXME: should this be a revokation instead of a removal?
 if gpg_sphere "--delete-key --batch --yes 0x${keyID}!" ; then
-    # delete key from host keyring as well
+    # delete key from core keyring as well
     gpg_core --delete-key --batch --yes "0x${keyID}!"
 
     # update the trustdb for the authentication keyring
     gpg_sphere "--check-trustdb"
 
-    echo
-    echo "Identity certifier removed."
+    log info -e "\nIdentity certifier removed."
 else
     failure "Problem removing identity certifier."
 fi