Mike Acker Mike_Acker at
Sun Mar 20 22:00:31 CET 2011

On 03/20/2011 15:50, Jonathan Ely wrote:
> Just to let you know, your signature failed to validate and thus says
> 'bad'. Hope this helps.
added note: when i received your message THUNDERBIRD reported
"Unverified signature".  I selected the option to load your key from the
server ( hkp:// ) and this succeeded.

following that event THUNDERBIRD reported "untrusted good signature" --
as it should.  after I signed it TWICE with MARGINAL trust -- it turned
green ( GOOD Signature ) -- as it should.

I think there may be some confusion with the names we use -- related to

    * key validity
    * owner trust

As I currently understand things: the *owner trust* indicates whether I
trust a key to sign for other keys and this can be fully, marginally, or
not at all.

key valididity indicates whether i have properly vetted the actual owner
of a key-- again fully, marginal, or not at all.

    * when i first received your message THUNDERBIRD reported UNVERIFIED
    * when I downloaded your key from the server the message changed,
      showing UNTRUSTED signature
    * when I signed the key showing casual checking the UNTRUSTED
      message remained
    * when I signed you key a second time with a different master key
      then the status wento GREEN: Good Signature.
    * I then deleted your key and downloaded it again
    * when i signed your key ONCE will carefull checking the message
      status went to GREEN: Good Signature

I think this is all as it should be but the wording is all a little


-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110320/e943497c/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110320/e943497c/attachment-0001.pgp>

More information about the Gnupg-users mailing list