Reimplement attestation-staleness-days

Looks like we lost this feature in the rewrite, so reimplement it again.
This commit also removes obsolete configuration options and sets the
default attestation check level at "softfail".

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>

1 files changed, 4 insertions, 16 deletions

diff --git a/man/b4.5.rst b/man/b4.5.rst
index ee05675..583d6cc 100644
--- a/man/b4.5.rst
+++ b/man/b4.5.rst
@@ -232,25 +232,13 @@ Default configuration, with explanations::
       # check: print an attaboy when attestation is found
       # softfail: print a warning when no attestation found
       # hardfail: exit with an error when no attestation found
-      attestation-policy = check
+      attestation-policy = softfail
       #
-      # Fall back to checking DKIM header if we don't find any other
-      # attestations present?
+      # Perform DKIM attestation?
       attestation-check-dkim = yes
       #
-      # "gpg" (whatever gpg is configured to do) or "tofu" to force TOFU mode
-      # If you don't already have a carefully maintained web of trust setup, it is
-      # strongly recommended to set this to "tofu"
-      attestation-trust-model = gpg
-      #
-      # How strict should we be when comparing the email address in From to the
-      # email addresses in the key's UIDs?
-      # strict: must match one of the uids on the key to pass
-      # loose: any valid and trusted key will be accepted
-      attestation-uid-match = loose
-      #
       # When showing attestation check results, do you like "fancy" (color, unicode)
-      # or simple checkmarks?
+      # or simple markers?
       attestation-checkmarks = fancy
       #
       # How long before we consider attestation to be too old?
@@ -281,4 +269,4 @@ Default configuration, with explanations::
 SUPPORT
 -------
 Please email tools@linux.kernel.org with support requests,
-or browse the list archive at https://linux.kernel.org/g/tools.
+or browse the list archive at https://lore.kernel.org/tools.