Import of trustpaths
C. Hackenschmidt
stoffita@web.de
Mon Jun 30 16:00:04 2003
David S. wrote:
>
> On Mon, Jun 30, 2003 at 11:42:07AM +0200, C. Hackenschmidt wrote:
>
> > > Did you run 'gpg --update-trustdb' after you signed the
> > > RootCA key? GnuPG does this automatically by default, but
> > > some people have the automatic update turned off.
> > >
> >
> > And if I do that I still have to go through all the keys manually.
> >
> > Actually what I want is all this done by just signing the
> Root CA key
> > and nothing else.
>
> You can't do that. It's just not how the web of trust works.
Well, I'm pretty new to all this but if I import the ChainNAI7.asc I
sended with my first mail into a PGP-Client and sign the RootCA as
Metaitnroducer all the other keys become valid. Nothing more has to be
done.
>
> Once you sign the Root CA key, the Root CA key becomes valid.
> However, it doesn't make any difference to any key underneath
> the Root CA because you must set ownertrust on the Root CA
> key so that the validity of the signed key can be calculated.
>
> This applies to GnuPG, PGP, and anything else.
>
Does this mean once I not only signed but trusted the key it should
work?
I did that but nope....
Chris