So I started with this one because it was the easiest. To reduce message fatigue, I only display compliance information if gnupg is in co-de compliance mode.
Now "the document" does not specify what should happen if a message carries multiple signatures. What I currently do is:
- One signature: Display compliance information.
- If there is more than one signature, I state that
- all are compliant,
- or that some are compliant,
- or that none are compliant.
(kleopatra does not display individual signatures if there is more than one).