openpgp: Add a method to CertBuilder to make non-exportable certs.
-
Add
CertBuilder::set_exportable
, which sets the exportable flag accordingly on all generated signatures.-
This allows the easy creation of non-exportable certificates, which is recommended by the OpenPGP Certificate Directory specification for the local trust root:
The trust root is an OpenPGP certificate that is stored under the special name trust-root.
The certificate:
SHOULD use direct key signatures or binding signatures that are marked as non-exportable.
https://www.ietf.org/archive/id/draft-nwjw-openpgp-cert-d-00.html#section-3.5.1
-
Fixes #1082 (closed).
-