trusting your own keys

Werner Koch
Wed, 28 Jul 1999 18:06:57 +0200

Thomas Zander <> writes:

> gpg: Signature made Wed Jul 28 16:50:13 1999 MEST using DSA key ID 0A0588D5
> gpg: Good signature from "Thomas Zander <>"
> gpg: WARNING: Using untrusted key!
I just checked it: [-- PGP output follows (current time: Wed Jul 28 17:58:26 1999) --] gpg: Signature made Wed Jul 28 17:58:05 1999 CEST using DSA key ID 621CC013 gpg: Good signature from "Werner Koch <>" [-- End of PGP output --] and as you can see it works.
> I tried the edit-key, and set the trust to 4 (full), so what am I doning wrong?
This has nothing to do with the validity of the key - what you set there is the amount of trust you have in the holder of that key to correctly sign _others keys_ so that he can act as an introducer of this other key. When you use --edit-key for on of you own keys, you should see a line like: pub 1024D/621CC013 created: 1998-07-07 expires: 2002-11-01 trust: -/u Trust is here meaningless, so the undefined ownertrust ("-") doesn'nt matter. The validity of the key is given after the slash ("u") and of course this should be "u" for ultimately trusted becuase you have accesss to the secret key too. BTW, gpg doesn't noch check, whehter you are the legitimate owner of the secret key (if qould need the passphrase to do that) but simply assumes that you are the owner if you have acces to that key.
>From what you reported, I can't tell you where your problem might be.
Please check again. -- Werner Koch at keyid 621CC013