scripting and trust validation

Dan Fraser dfraser at capybara.org
Tue Nov 23 21:57:51 CET 2004


I'm having a problem with GPG.  Here's what I want to do:

Create a top-level key that is only used for signing other keys. 
(Manager key)
Create a second-level key that is signed by the top-level key. (Alice's 
key)

Send a file signed with Alice's key and Alice's public key itself to a 
remote host.

Have the remote host import Alice's public key, check it against the 
public key of the manager (which it already has, and has full 
owner-trust) and if it's okay, use Alice's key to check the signature 
on the file.

This seems to be possible, except that I can't find a way for GPG to 
exit with an error condition if Alice's key cannot be validated in the 
trustdb.  It prints WARNING messages and complains, but without 
actually parsing the textual output from GPG, I see no way of doing 
what I need.

Am I missing something?

Thanks...
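
An added example, not part of the original post and not GnuPG project code: one way to get the exit status the message asks for is to read the machine-readable lines gpg writes with `--status-fd` instead of its WARNING text. It assumes Alice's key is already imported and the manager key holds full ownertrust; the function names and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive an exit status from GnuPG's "[GNUPG:] ..." status
# lines, so a script can reject a good signature made by an unvalidated key.

# Read status lines on stdin. Return 0 only if exactly one valid signature
# was reported and the signing key's validity is full or ultimate.
status_is_trusted() {
    valid=0 trusted=0 bad=0
    while IFS=' ' read -r prefix keyword rest; do
        [ "$prefix" = "[GNUPG:]" ] || continue
        case "$keyword" in
            VALIDSIG) valid=$((valid + 1)) ;;
            TRUST_FULLY|TRUST_ULTIMATE) trusted=$((trusted + 1)) ;;
            # Key not validated through the trustdb: the case gpg only warns about.
            TRUST_UNDEFINED|TRUST_NEVER|TRUST_MARGINAL) bad=1 ;;
            # Signature itself is bad, unverifiable, expired or from a revoked key.
            BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG|NODATA) bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ] && [ "$valid" -eq 1 ] && [ "$trusted" -eq 1 ]
}

# Hypothetical wrapper: verify a signed file (or "sig file" pair) and fail
# unless the signer's key is validated. Status lines go to stdout (fd 1).
verify_trusted() {
    gpg --batch --status-fd 1 --verify "$@" 2>/dev/null | status_is_trusted
}

# Constructed status output: good signature, but the key is not validated.
if status_is_trusted <<'EOF'
[GNUPG:] GOODSIG 0000000000000001 Alice (constructed) <alice@example.org>
[GNUPG:] VALIDSIG 0000000000000000000000000000000000000001 2004-11-23 1101243471 0 3 0 17 2 00 0000000000000000000000000000000000000001
[GNUPG:] TRUST_UNDEFINED
EOF
then
    echo "accepted"
else
    echo "rejected: signing key not validated"
fi
```

A file carrying more than one signature is rejected by this check, because the status lines would not say which signature each trust line belongs to.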



