How to trust a key only for users in one domain

Chris Covington Ccovington at
Thu Dec 13 20:03:53 CET 2007

That works - thanks!

-----Original Message-----
From: at [ at] On Behalf Of David Shaw
Sent: Thursday, December 13, 2007 11:46 AM
To: gnupg-users at
Subject: Re: How to trust a key only for users in one domain

On Thu, Dec 13, 2007 at 10:19:07AM -0600, Chris Covington wrote:

> What would the command line be in GnuPG to sign a key and specify a
> domain, so that if that signed key signs another key in the
> specified domain, the other key would be listed as valid?
> For instance if I want to sign the gnupgAdmin at public key
> so that any key that the gnupgAdmin signs is listed as valid, if the
> key is for a user in the domain.  This is typically
> referred to as a "Trusted Introducer" signature and is listed in RFC
> 4880 section

Use "gpg --edit-key (thekey)" and then "tsign".  You will be asked the
usual signature questions, and also the trust level (RFC-4880 section and then the domain.


Gnupg-users mailing list
Gnupg-users at

More information about the Gnupg-users mailing list