Using only one public key; no way to sign it

Anthony E. Greene
Thu Dec 6 06:05:01 2001

Hash: SHA1

On Wed, 5 Dec 2001, Frank Tobin wrote:
>Steve Butler, at 13:15 -0800 on 2001-12-05, wrote:
>>        --trusted-key long key ID
>>                  Assume  that  the  specified  key (which must be
>>                  given as a  full 8 byte key ID) is as  trustworthy
>>                  as one of your own secret keys. This option
>>                  is useful if you don't want to keep your  secret
>>                  keys  (or  one of them) online but still want to
>>                  be able to check the validity of a given recipient's
>>                  or signator's key.
>--trusted-key isn't necessarily a good option to use it still requires you
>to still sign the key being used to encrypt.  I can think of a variety of
>scenarios where this is not a viable option.  And you certainly don't want
>have use --trusted-key directly on the key you are encrypting with,
>because that introduces other problems, such as that trust filtering down
>to other keys, validating them when you don't want to.

Well, either you trust the key or you don't. As for propagating trust, you
can adjust the "completes needed" and "marginals needed" settings in your
options file.

- -- 
Anthony E. Greene <> <>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU generation <>

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <> 0x6C94239D