gpg-agent and trusted root certificates

Olaf Gellert og at
Fri Jan 21 00:47:00 CET 2005

Werner Koch wrote:

> Add
>  allow-mark-trusted
> to your gpg-agent.conf

Well, as I said:
>>I already included the option "allow-mark-trusted"
>>into the configuration. When I include the hash of
>>a root certificate manually into the trustlist.txt,
>>everything works. When I tell kleopatra to validate
>>the root certificate, kleopatra queries the agent to
>>do the job.

So I do have the entry in the config, but the
agent still does not query me. After some fiddling
on another system (importing certs, deleting them,
rebooting, ...) at some point it worked, but on
a clean new SuSE install, it does not. So the question
is: Are there any other conditions that may prevent
the agent from asking the user?


P.S.: By the way, I was really impressed by the
      new X.509 functionality, OCSP, LDAP, GUI,

Dipl.Inform. Olaf Gellert                  PRESECURE (R)
Senior Researcher,                       Consulting GmbH
Phone: (+49) 0700 / PRESECURE           og at

                        A daily view on Internet Attacks

More information about the Gnupg-users mailing list