Page MenuHome GnuPG

"Note: signatures using the MD5 algorithm are rejected" is emitted despite --quiet
Closed, ResolvedPublic


It looks like both print_sha1_keysig_rejected_note and print_digest_rejected_note do not respect --quiet, though they probably should:

0 dkg@alice:~$ gpg --check-trustdb --quiet
gpg: Note: signatures using the MD5 algorithm are rejected
0 dkg@alice:~$

This was first reported on gnupg-devel against 2.2.18 but appears to still be the case in 2.2.20.



Related Objects

Event Timeline

werner claimed this task.
werner added a subscriber: werner.

This is an important information to know because it can help to avoid bug reports.

Of course it is important, that's why it it printed by default.

But it shouldn't be printed with --quiet. According to the manpage, --quiet "[tries] to be as quiet as possible."

So either we don't output this message with --quiet, or we have to change the description of --quiet to "[try] to be quiet, except some things".

Robin H. Johnson created a patch for this:

Signed-off-by: Robin H. Johnson <>
 g10/misc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git g10/misc.c g10/misc.c
index 22ed47e7c..d46fa90b2 100644
--- g10/misc.c
+++ g10/misc.c
@@ -366,6 +366,8 @@ print_sha1_keysig_rejected_note (void)
   static int shown;

+  if (opt.quiet)
+       return;
   if (shown)


I reconsidered this. Suppressing such messages with --quiet is oka and will be in 2.2.24.