Aspects of trust
mail at kerrickstaley.com
Tue Jun 14 21:35:51 CEST 2011
OK, I think I understand:
Validity and trust are separate, but GnuPG lumps "validity" and
"trust, for the sole purpose of signing others' keys" together into a
single value (which is one of "unknown", "never", "marginal", "full",
and "ultimate"). One can imagine situations in which a key's owner is
"never" trusted to sign others' keys, but one would still like to keep
track of how valid the key itself is ("unknown", "marginal" or
"full"). However, such situations are corner cases, and GnuPG doesn't
provide facilities for dealing with them.
Is this correct?
More information about the Gnupg-users