How to perform key signature verification

Mark Sargent msargent at orcon.net.nz
Thu Feb 12 12:11:20 CET 2004


Yes I do.

I really only want keys to be trusted if they are signed by the
administrator.

Scenario:

If we have Admin, Sue, Joe and an outsider called Steve.

So if the Admin is assigned ultimate trust, and Sue and Joe have their keys
signed by Admin then can I say

between Admin and Sue we have a trusted relationship
and between Admin and Joe we have a trusted relationship

we want Sue and Joe to have a trusted relationship because both their keys
have been signed by Admin.

There should be no trust between Steve and any other member.

Will the web of trust allow me to set this up?

Cheers again

Mark


-----Original Message-----
From: gnupg-devel-bounces at gnupg.org
[mailto:gnupg-devel-bounces at gnupg.org]On Behalf Of Janusz A. Urbanowicz
Sent: Wednesday, 11 February 2004 11:39 p.m.
To: msargent at orcon.net.nz
Cc: Gnupg-Devel
Subject: Re: How to perform key signature verification


Mark Sargent wrote:

> Hi all,
>   I am developing a small gpg encrypted network. All participants must
have
> their keys signed by the network administrator.
>
> Is there a command other than --list-sigs that I can use to verify and
> ensure that a key has been signed by an 'admin' key.
>
> I wish to perform this check when encrypting and decrypting to prevent non
> authorised users gaining access.
>
> All ideas, thoughts, suggestions welcome

This is what web of trust is for. Do you have control over endpoints GPG
setup?

Alex


_______________________________________________
Gnupg-devel mailing list
Gnupg-devel at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel




More information about the Gnupg-devel mailing list