Suspect Signatures

David Shaw dshaw at
Wed Sep 24 04:19:47 CEST 2008

On Sep 23, 2008, at 6:08 PM, David Newman wrote:

>> On Mon, Sep 22, 2008 at 02:42:19PM -0400, David Newman wrote:
>>> Is there a that I can mark the signature as suspect,
>> Alas, no.
> [snip]
>> That said, this is really an aesthetic problem, and not a trust
>> problem.  The web of trust ultimately takes care of bad signatures as
>> those people who issue them will eventually get marked as
>> untrustworthy.
> Is that because there is not a 2-way trust relationship going on?
> I guess I don't understand how the WoT will be able to figure out
> that he is untrustworthy if there is no way to mark a signature
> as untrustworthy.  It seems there should be a way to sign signatures
> as good or bad.

Not exactly.  The WoT doesn't exactly figure out who is untrustworthy,  
but rather who is trustworthy.  Anyone unknown is just ignored.  Thus,  
a unknown signature on your key doesn't actually impact much unless it  
is trusted by someone.


More information about the Gnupg-users mailing list