PGP: Invalid key ?

Stefan Bellon
Sat Aug 18 18:54:01 2001

Lars Geiger <> wrote:


> However, if you have only your public key imported into PGP, my
> second statement still remains true. In this case, you will need to
> sign it with a another key to certify that it is a valid key from the
> person it claims to be. After you have done that, PGP accepts this
> key as valid and allows modifications to the "Trust" settings. You
> should perhaps read the PGP help on the subject "Web of trust" to get
> a better understanding of how that whole mechanism of key validation
> works.
So, with PGP you need at least one secret key in order to build a web of trust? You can't just import public keys because you only intend to verify signatures from that machine and then set trust values accordingly? Greetings, Stefan. -- Stefan Bellon * <> * <> PGP 2 and OpenPGP keys available from my home page Ceterum censeo Microsoft esse delendam