feature request: always-trust [<keyring>]

Jeff Breidenbach jab at debian.org
Mon Apr 29 07:41:02 CEST 2002


Feature request:

What: ability to specify that everything in a specific
      keyring will trusted by default.

Why:  In Debian, I can have a list of hundreds of developer 
      keys stored  in locally in /usr/share/keyrings/debian-keyring.gpg.
      This file is trusted by me, dynamic, and is maintained by the
      Debian Project. So I use the file as one of my keyrings.

      When I validate Debian gpg signatures (which I do a lot,
      usually on email messages), I don't want gpg to warn me about
      trust if the key is validated from this keyring. However, if the
      validation comes from some other source (a different keyring, for
      example), I would like the usual web of trust should apply.

      Having this feature (ability to always-trust from a specific
      keyring only) would allow me to more efficiently and safely use
      GNU privacy guard. I do not feel locally importing all the keys
      into a personal keyring, adding signatures, or making a large
      local trustdb is appropriate for this type of real world use.


PS I apologize if this is a frequently requested feature -- I did
not find a reference in the faq or gnupg-user/gnupg-devel archives.

Jeff

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020429/39905e4d/attachment.bin


More information about the Gnupg-devel mailing list