signing a robot's key - was: Re: Global Directory signatures
atom at suspicious.org
Thu Dec 30 22:12:45 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 30 Dec 2004, David Shaw wrote:
> Both GnuPG and PGP do more or less the same thing here. You can import
> keys freely, but such keys will remain invalid until there is a valid
> trust path to the key. Invalid keys are usable, but you get some
> variation of the "are you sure?" message before you can use the key.
i don't recall PGP(tm) having the option of "are you sure" for an unsigned
key, but i didn't spend much time with it. i was left with the impression
that the key couldn't be used unless it had a signature.
> If there is no valid trust path to the key, and you want to make it
> valid (say, if you want to trust signatures issued by it, as in the case
> of the GD key), then you need to sign or locally sign the key yourself.
> PGP's "Sign" command actually defaults to local signing. You need to
> make an explicit action (check a check box) to make it a regular
> exportable signature. Note that I'm speaking about PGP 8 here, though I
> seem to recall that PGP 7 was the same.
one can also use edit-key and assign ultimate trust to a key, which will
make it trusted without a signature.
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"Think of the press as a great keyboard on which the
government can play."
-- Joseph Goebbels, Nazi Propaganda Minister.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-users