Using only one public key; no way to sign it
Anthony E. Greene
agreene@pobox.com
Thu Dec 6 06:05:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 5 Dec 2001, Frank Tobin wrote:
>Steve Butler, at 13:15 -0800 on 2001-12-05, wrote:
>
>> --trusted-key long key ID
>> Assume that the specified key (which must be
>> given as a full 8 byte key ID) is as trustworthy
>> as one of your own secret keys. This option
>> is useful if you don't want to keep your secret
>> keys (or one of them) online but still want to
>> be able to check the validity of a given recipient's
>> or signator's key.
>
>--trusted-key isn't necessarily a good option to use it still requires you
>to still sign the key being used to encrypt. I can think of a variety of
>scenarios where this is not a viable option. And you certainly don't want
>have use --trusted-key directly on the key you are encrypting with,
>because that introduces other problems, such as that trust filtering down
>to other keys, validating them when you don't want to.
Well, either you trust the key or you don't. As for propagating trust, you
can adjust the "completes needed" and "marginals needed" settings in your
options file.
Tony
- --
Anthony E. Greene <agreene@pobox.com> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU generation <http://www.linux.org/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <agreene@pobox.com> 0x6C94239D
iD8DBQE8DvwNpCpg3WyUI50RAqydAJsFV36oLzUsYcav/urZsF9zTUGkuQCgvByW
TygE1xCs3lsx1MKeNh0YdxA=
=DgCH
-----END PGP SIGNATURE-----