locally signed keys are not necessarily fully trusted any more

Ingo Buescher maillists at webmounty.de
Mon Dec 20 14:52:29 CET 2004

Hash: SHA1

Neil Williams wrote:

>> gallatin at nathan:~/.gnupg $ gpg --list-sig netfilter
>> pub   1024D/CA9A8D5B 2001-09-15 [expires: 2006-09-14]
>> uid       [ unknown] Netfilter Core Team <coreteam at netfilter.org>
>> sig 3        CA9A8D5B 2001-09-15 never       Netfilter Core Team

>sig 3: indicating very careful checking prior to signature.

>> <coreteam at netfilter.org>
>> sig          470DB964 2001-12-18 never       [User ID not found]
>> sig 1 L      DF00C939 2004-06-08 2006-09-14  Ingo Buescher

>sig 1: indicating casual checking.

>Is GnuPG taking that into account?
>Are the other locally signed keys sig 3?

Yes, they are. I really can't imagine why the default cert level might 
have changed when I signed keys but since I switched on the option 
ask-cert-level now, I made sure that from now on I'll be asked every time 
for my trust in the validity of the key. I think the problem will not 
arise again.

Thank you.

- -- 
Ingo Buescher <maillists at webmounty.de>
"This country is at an awkward stage.  It's too late to work within the
system, but too early to shoot the bastards." -- Claire Wolfe
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76


More information about the Gnupg-users mailing list