Self-sigs with trusted key
David Shaw
dshaw at jabberwocky.com
Sun May 30 14:15:17 CEST 2004
On Sun, May 30, 2004 at 05:01:56PM +0700, Ivan Boldyrev wrote:
> I have Werner's key:
>
> pub 1024D/5B0358A2 created: 1999-03-15 expires: 2009-07-11
> trust: full validity: full
> sub 2048R/B604F148 created: 2004-03-21 expires: 2005-12-31
> sub 1024D/010A57ED created: 2004-03-21 expires: 2007-12-31
> [ full] (1). Werner Koch <wk@***.org>
> [ full] (2) Werner Koch
> [ unknown] (3) Werner Koch <wk@***.com>
>
> You see, key is trusted and valid. Third user ID is signed by Werner
> but is not signed by anyone of my ring, but first and second IDs are
> signed by other trusted persons and valid then.
>
> I do not understand why third UID is not valid while it has self-sig
> with trusted key?
That's now how trust works. You can't sign your own key to make it
valid. Neither can Werner ;)
If you think about it, this makes sense. If this wasn't true, then
there would be no point in having different validity levels on
different user IDs since all user IDs would become as trusted as the
key as a whole.
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 250 bytes
Desc: not available
Url : /pipermail/attachments/20040530/63a20962/attachment-0001.bin
More information about the Gnupg-users
mailing list