Sun, 5 Dec 1999 00:45:38 +0100
On Sat, Dec 04, 1999 at 08:14:17PM +0100
Thilo Barth wrote:
> Thus the signature of the GnuPG package is a dazzle -- werner's current
> public key is neither incorporated into a web-of-trust nor certified by
> any CA, which is a non-tolerable situation for such an ambitious
Did you read the README? Did you noticed that it is signed with my
old RSA key which in turn is very good connected and printed in the
GTR? The fingerprint of the signing key is inside this README file
(see "How to verify the source" point a). Furthermore the signing key
57548DCD is signed by my signature-only key 5B0358A2 which in turn is
signed by my old RSA key.
So where is the problem?
Werner Koch at guug.de www.gnupg.org keyid 621CC013