decrypt-file updates trustdb?

David.Vazquez-Landa at David.Vazquez-Landa at
Tue Feb 28 10:42:49 CET 2012

Thanks for the explanation Werner. Does this mean that it is OK then to have write permissions on trustdb.gpg, pubring.gpg and pubring.bak?

Best Regards,

David Vázquez
European Central Bank
Tel. (+49) 69 1344 7029
Mail. david.vazquez-landa at

> -----Original Message-----
> From: Werner Koch [mailto:wk at]
> Sent: Friday 24 February 2012 18:11
> To: Vazquez Landa, David
> Cc: ciamarie at; gnupg-users at
> Subject: Re: decrypt-file updates trustdb?
> On Fri, 24 Feb 2012 14:48, David.Vazquez-Landa at said:
> > understand why, if I'm just decrypting a file, gpg asks for write
> > permission to trustdb.gpg, pubring.gpg and pubring.bak. In other
> > words, I wouldn't expect my command to have to write anything. Alas, I
> If you encrypt something GPG computes the validity of the keys by
> looking at the key signatures and assigned ownertrust values.  The
> trustdb is updated as a result of this.  GPG also keeps a key signature
> validation status cache in the pubring.
> Shalom-Salam,
>    Werner
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Any e-mail message from the European Central Bank (ECB) is sent in good faith but shall neither be binding nor construed as constituting a commitment by the ECB except where provided for in a written agreement. This e-mail is intended only for the use of the recipient(s) named above. Any unauthorised disclosure, use or dissemination, either in whole or in part, is prohibited. If you have received this e-mail in error, please notify the sender immediately via e-mail and delete this e-mail from your system.

More information about the Gnupg-users mailing list