valid sig, invlalid key?

John Bacalle
Tue, 29 Aug 2000 08:12:39 -0400

On Mon, Aug 28, 2000 at 09:34:05PM -0700, L. Sassaman wrote:

> GnuPG "gripes" about this as well, as it should. If you haven't verified
> that the key belongs to the owner, what does it matter if the signature is
> good?
> This is the correct behavior.
I think I misunderstood the crux of the problem as being GnuPG specific vs. one win2k user not understanding his app's error message. IOW, GnuPG and PGP gripe at the verification step about validity/trust of the signator's authenticity, upon lack of a recognized trusted key. Of course. I thought something else was the issue. John -- John Bacalle -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to