locally signed keys are not necessarily fully trusted any more
Neil Williams
linux at codehelp.co.uk
Mon Dec 20 12:00:06 CET 2004
On Friday 17 December 2004 3:02 pm, Ingo Buescher wrote:
> Hi,
> after I switched from gnupg-1.2.6 to gnupg-1.4.0 I noticed a peculiar
> problem concerning the validity of some of the keys in my keyring -
> although I signed all of them locally some are not regarded "fully"
> trusted any more.
>
> gallatin at nathan:~/.gnupg $ gpg --list-sig netfilter
> pub 1024D/CA9A8D5B 2001-09-15 [expires: 2006-09-14]
> uid [ unknown] Netfilter Core Team <coreteam at netfilter.org>
> sig 3 CA9A8D5B 2001-09-15 never Netfilter Core Team
sig 3: indicating very careful checking prior to signature.
> <coreteam at netfilter.org>
> sig 470DB964 2001-12-18 never [User ID not found]
> sig 1 L DF00C939 2004-06-08 2006-09-14 Ingo Buescher
sig 1: indicating casual checking.
Is GnuPG taking that into account?
Are the other locally signed keys sig 3?
> other keys I signed locally are just fine and no - those are not
> signed by a trusted third party either.
> I can repair the problem if I remove my local signature from those keys
> and use "lsign" again. Am I making a stupid mistake here?
At what LEVEL are you re-signing?
--
Neil Williams
=============
http://www.dclug.org.uk/
http://www.nosoftwarepatents.com/
http://sourceforge.net/projects/isbnsearch/
http://www.williamsleesmill.me.uk/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20041220/5b795436/attachment-0001.bin
More information about the Gnupg-users
mailing list