Trust, UIDs, signing & revoking

Mark Brown
Wed Nov 21 02:08:01 2001

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 20, 2001 at 04:36:34PM -0800, Len Sassaman wrote:

> Have you actually verified that this is how PGP does its trust
> calculations internally? There may be some differnence between what is
> displayed in PGPkeys and what is done in the SDK.

I'm only certain about having verified with PGPkeys although I beleive
the issue was pointed out to me when someone managed to encrypt
something to an ID they beleived should've been invalid without
noticing.  I can check the latter tomorrow.  I don't have access to the

I'd still say that a problem in PGPkeys is fairly serious.

"You grabbed my hand and we fell into it, like a daydream - or a fever."

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see