trusting an imported key which is the only key in a ring?

Robert Forsman
Wed, 08 Mar 2000 17:01:24 -0500

  I have a DSA key (beaver-alpha) I generated on one machine.  I have
exported the public key and copied it to another machine and imported it as
the ONLY key in that user's keyring.  I want to trust that key for --verify
operations.  What gpg command do I use to mark that key as fully trusted?

  I have managed to mark it as trusted by creating a DSA key (argh) and then
signing the beaver-alpha public key with argh.  Then it is trusted.  I can
subsequently delete key argh and beaver-alpha is still trusted.  this is
what leads me to believe that I should be able to create trust without
having to create a local key (since I would have to do that on several
thousand machines).

  See my problem in action:

[root@prestige1 gnupg-1.0.1]# gpg --import /home/hammor/key
gpg: key D1A2FFED: public key imported
gpg: Total number processed: 1
gpg:               imported: 1

[root@prestige1 gnupg-1.0.1]# gpg --verify /home/hammor/test.tgz.gpg 
gpg: Signature made Wed Mar  8 18:50:25 2000 GMT using DSA key ID D1A2FFED
gpg: Good signature from "Robert Forsman (Beaver Alpha) <>"
Could not find a valid trust path to the key.  Let's see whether we
can assign some missing owner trust values.

No path leading to one of our keys found.

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
gpg: Fingerprint: D6BE 16CC EAE6 8E9A 6989  3BF7 91AB 6807 D1A2 FFED