How to trust a key only for users in one domain
dshaw at jabberwocky.com
Thu Dec 13 18:46:27 CET 2007
On Thu, Dec 13, 2007 at 10:19:07AM -0600, Chris Covington wrote:
> What would the command line be in GnuPG to sign a key and specify a
> domain, so that if that signed key signs another key in the
> specified domain, the other key would be listed as valid?
> For instance if I want to sign the gnupgAdmin at example.org public key
> so that any key that the gnupgAdmin signs is listed as valid, if the
> key is for a user in the example.org domain. This is typically
> referred to as a "Trusted Introducer" signature and is listed in RFC
> 4880 section 126.96.36.199.
Use "gpg --edit-key (thekey)" and then "tsign". You will be asked the
usual signature questions, and also the trust level (RFC-4880 section
188.8.131.52) and then the domain.
More information about the Gnupg-users