valid sig, invlalid key?
Frank Tobin
ftobin@uiuc.edu
Wed, 23 Aug 2000 19:10:40 -0500 (CDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Turley, at 19:47 -0400 on Wed, 23 Aug 2000, wrote:
> *** PGP Signature Status: good
> *** Signer: My Company <me@mycompany.com> (Invalid)
> *** Signed: 8/23/2000 10:39:46 AM
> *** Verified: 8/23/2000 4:20:59 PM
> *** BEGIN PGP VERIFIED MESSAGE ***
>
> The message verifies as good, but what's the (Invalid) message?
While I personally haven't used PGP in years, "Invalid" is likely PGP's
terminology for something being "not validated"; that is, the receiving
end has not validated through the Web Of Trust that the key actually
belongs to "My Company".
Personally, I really don't like term "invalid" in these scenarios, because
"invalid" is not really the inverse of "valid"; "invalid" positively
reflects something being corrupted, while "valid" positively reflects
authenticity. The situation is more in the middle; "unknown validity".
- --
Frank Tobin http://www.uiuc.edu/~ftobin/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (FreeBSD)
Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/
iEYEARECAAYFAjmkaAoACgkQVv/RCiYMT6MiBACeKxXouAwT9XUh8+CZYpiaolGZ
Ef8An3MTxY5fQbCvV0xwsHrXCWDDp154
=N5Vo
-----END PGP SIGNATURE-----
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org