Aspects of trust

Kerrick Staley mail at
Tue Jun 14 21:35:51 CEST 2011

OK, I think I understand:

Validity and trust are separate, but GnuPG lumps "validity" and
"trust, for the sole purpose of signing others' keys" together into a
single value (which is one of "unknown", "never", "marginal", "full",
and "ultimate"). One can imagine situations in which a key's owner is
"never" trusted to sign others' keys, but one would still like to keep
track of how valid the key itself is ("unknown", "marginal" or
"full"). However, such situations are corner cases, and GnuPG doesn't
provide facilities for dealing with them.

Is this correct?

Kerrick Staley

More information about the Gnupg-users mailing list