Key keeps showing unknown trust

Peter Lebbing peter at digitalbrains.com
Sun Feb 8 09:51:33 CET 2015


On 07/02/15 20:43, Hugo Osvaldo Barrera wrote:
> I don't think I'm doing something wrong, but: Am I? Did I miss something?

Yes, you have interpreted it wrong. What you are doing now is this statement:

"I trust Hugo Osvaldo Barrera checks identities carefully before signing keys.
However, I do not know whether 1BFBED44 is really his key". So the statement
doesn't actually get you anywhere. And the fact that you're speaking in the
third person about yourself is lost on GnuPG, which doesn't know that.

Since it is your own key (right?), what you want here is "trust: ultimate".

Normally, what makes a key valid is that it is signed by a /trusted/ key. Note
the difference: key B is /valid/ because key A, which is /trusted/, signed it.
But this has to start out somewhere. This is usually your own key(s), which
are assigned "ultimate" trust, which means: this key is also valid, even
though it is not necessarily signed by a trusted key.

The option to use for your /own/ keys therefore, is usually "5 = I trust
ultimately". And when you are convinced someone is actually the legitimate
owner of a key, you would sign their key. Whether you would assign them any
trust depends on whether you think this person is trustworthy enough to rely
on their signatures on other people's keys.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list