Import of trustpaths

David Shaw dshaw@jabberwocky.com
Mon Jun 30 05:43:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Jun 26, 2003 at 02:28:08PM +0200, C. Hackenschmidt wrote:
> 
> Hi there,
> 
> I have the following trustpath
> 
> RootCA
> >>>SubCA
> >>>>>>User1/2/3/etc.
> 
> where 
> - RootCA signed the SubCA as a trusted introducer
> - SubCA signed the users
> 
> If I'm now going to import the pub keys of the RootCA, SubCA, and the
> users and if I sign the RootCA as a Metaintroducer, all the other
> keys(SubCA, User1/2/3/etc.) should become valid. At least that's what it
> does with my PGP client.
> 
> But if I import them into my GPG keyring I still have to sign every
> single key manually. Btw attached is the file with my Testkeys.
> 
> I might be completely stupid but I can't get this to work. Once I signed
> the RootCA and trust it fully the other keys still don't become valid
> although they're signed as stated above.

Did you run 'gpg --update-trustdb' after you signed the RootCA key?
GnuPG does this automatically by default, but some people have the
automatic update turned off.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iD8DBQE+/63G4mZch0nhy8kRAk/3AKCXMD85sK0CCKyXPZbhIUhgw88IxwCfbxlv
kRVpSIrczItN5ZhgT6lcKig=
=FsFx
-----END PGP SIGNATURE-----