@item --export-secret-key-p12 @var{key-id}
@opindex export-secret-key-p12
-Export the private key and the certificate identified by @var{key-id} in
-a PKCS#12 format. When used with the @code{--armor} option a few
+Export the private key and the certificate identified by @var{key-id}
+using the PKCS#12 format. When used with the @code{--armor} option a few
informational lines are prepended to the output. Note, that the PKCS#12
-format is not very secure and this command is only provided if there is
-no other way to exchange the private key. (@xref{option --p12-charset}.)
+format is not very secure and proper transport security should be used
+to convey the exported key. (@xref{option --p12-charset}.)
@item --export-secret-key-p8 @var{key-id}
@itemx --export-secret-key-raw @var{key-id}
Pinentry the user is not prompted again if he enters a bad password.
@end table
+@item --request-origin @var{origin}
+@opindex request-origin
+Tell gpgsm to assume that the operation ultimately originated at
+@var{origin}. Depending on the origin certain restrictions are applied
+and the Pinentry may include an extra note on the origin. Supported
+values for @var{origin} are: @code{local} which is the default,
+@code{remote} to indicate a remote origin or @code{browser} for an
+operation requested by a web browser.
+
@item --no-common-certs-import
@opindex no-common-certs-import
Suppress the import of common certificates on keybox creation.