Trust Signatures

Loren M. Lang lorenl at north-winds.org
Mon Nov 17 20:35:29 CET 2008


What the GnuPG users mailing list down for a while?  There appears to be
a gap in my Inbox and none of my messages sent during that time have
shown up.  It's been 4 days so I'm resending it.


I having trouble understanding trust signatures in OpenPGP so I decided
to run an experiment.  I created a new private key for me in a fresh
GNUPGHOME followed by private keys for Alice, Bobbie, Charlie, and
Mallory in a separate GNUPGHOME.  I had Alice sign Bobbie's public key
who signed Charlie's who signed Mallory's.  I then imported Alice,
Bobbie, Charlie, and Mallory's public keys into my GNUPGHOME.  All there
keys showed up as unknown trust and unknown validity as expected.  I
then signed Alice's public key.  All signatures so far have been trust
signatures with a depth of 4 and full trust with no domain specified.
At this point Alice's key shows up as fully trusted and fully valid as
expected.  Bobbie's key became automatically fully valid without me
setting an ownertrust on Alice, but Bobbie's trust is marked as unknown.
Charlie's key is unknown trust with undefined validity.  As I understand
trust signatures, all keys up to Mallory should be valid, what am I
missing?
-- 
Loren M. Lang
lorenl at north-winds.org
http://www.north-winds.org/


Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A  3FA4 DCEE BB39 7654 DE5B

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20081117/cf6dafc1/attachment.pgp>


More information about the Gnupg-users mailing list