certified with a trusted signature

Richard J. Cattien rc.foreign at gmx.net
Sun Jan 11 17:01:38 CET 2004


Hi,

On Sun, Jan 11, 2004 at 03:17:10PM +0000, Neil Williams wrote:
> BTW: Your key 0xD5EF252D appears to be an ordinary DSA/Elgamal 1024 key with 
> three UID's and unlimited expiry - is there are reason you've put the 
> location of the key in the comment field of your email but not put the key 
> onto keyservers? It means that to verify your signature, I cannot use 
> auto-retrieve as you can to verify my signature. Some people justifiably 
> don't use keyservers when they use signing subkeys and other features that 
> older keyservers tend to not understand, but keyservers are useful things and 
> it will increase the availability of your key. Keyservers are there to make 
> it easier to manage key signatures that will prevent this message:
 
Yes, there is a reason why i haven't put my key onto a keyserver yet. I
played around with gnupg many times before and uploaded my key to the
keyservers. Well, this was bad because i didn't know what i did at that
time. Now i have three unused keys on the keyservers. But now i'm "grown
up" and did the pgp-thing seriously. I just wanted to make sure that i
can really use it before uploading my key. I'll upload it soon!

> > But everytime a sig is checked i get following output:
> > gpg: WARNING: This key is not certified with a trusted signature!
> > gpg:          There is no indication that the signature belongs to the \
> > owner.
> > what does that mean? Many of the keys of which this happens are signed
> > by many people.
> 
> But none of those people have also signed your key. Key 0xD5EF252D has only 
> been signed by you. Nobody else can therefore trust your key - we'll all get 
> the same message on your key as you do on everyone else's key.
 
Okay, i think i get it. The bigger my web of trust gets, the higher
the chances that one person signed my, and some of keys from the ppl of
this list.

> See some of these sites on keysigning:
> http://www.dclug.org.uk/linux_doc/gnupgsign.html
> http://www.cryptnet.net/fdp/crypto/gpg-party.html
 
Thanks!

bye,
	richard

-- 
Richard Cattien,
PGP-Public-Key: http://cattien.org/richard/keys/rc_pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : /pipermail/attachments/20040111/173ef824/attachment.bin


More information about the Gnupg-users mailing list