valid sig, invlalid key?
John Bacalle
john@unixen.org
Tue, 29 Aug 2000 08:12:39 -0400
On Mon, Aug 28, 2000 at 09:34:05PM -0700, L. Sassaman wrote:
> GnuPG "gripes" about this as well, as it should. If you haven't verified
> that the key belongs to the owner, what does it matter if the signature is
> good?
>
> This is the correct behavior.
I think I misunderstood the crux of the problem as being GnuPG specific
vs. one win2k user not understanding his app's
error message.
IOW, GnuPG and PGP gripe at the verification step about validity/trust
of the signator's authenticity, upon lack of a recognized trusted key.
Of course. I thought something else was the issue.
John
--
John Bacalle
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org