trust level for validating signature with gpgme
Allan McRae
allan at archlinux.org
Wed Nov 24 10:10:47 CET 2010
On 24/11/10 18:49, Werner Koch wrote:
> On Wed, 24 Nov 2010 02:31,allan at archlinux.org said:
>
>> > 1) I would have expected the trust level to be something like
>> > TRUST_FULL rather than TRUST_UNDEFINED. Is this because I have no
>> > signatures on that key or more specifically because I have no
>> > ultimately trusted key in the keyring signing that key?
> Signing the key is required to tell gpg that you trust the key. You may
> use the "lsign" command to do this only locally and not to announce it
> to the world.
>
> You also need to have a trust anchor; i.e. a key that is ultimately
> trusted. Check also the option --trusted-key.
>
Thanks. That has clarified everything for me. It seems that my lack of
understanding of the trust db was getting in the way...
Allan
More information about the Gnupg-users
mailing list