Key keeps showing unknown trust

Hugo Osvaldo Barrera hugo at barrera.io
Mon Feb 9 10:27:26 CET 2015


On 2015-02-08 09:51, Peter Lebbing wrote:
> On 07/02/15 20:43, Hugo Osvaldo Barrera wrote:
> > I don't think I'm doing something wrong, but: Am I? Did I miss something?
> 
> Yes, you have interpreted it wrong. What you are doing now is this statement:
> 
> "I trust Hugo Osvaldo Barrera checks identities carefully before signing keys.
> However, I do not know whether 1BFBED44 is really his key". So the statement
> doesn't actually get you anywhere. And the fact that you're speaking in the
> third person about yourself is lost on GnuPG, which doesn't know that.
> 
> Since it is your own key (right?), what you want here is "trust: ultimate".
> 
> Normally, what makes a key valid is that it is signed by a /trusted/ key. Note
> the difference: key B is /valid/ because key A, which is /trusted/, signed it.
> But this has to start out somewhere. This is usually your own key(s), which
> are assigned "ultimate" trust, which means: this key is also valid, even
> though it is not necessarily signed by a trusted key.
> 
> The option to use for your /own/ keys therefore, is usually "5 = I trust
> ultimately". And when you are convinced someone is actually the legitimate
> owner of a key, you would sign their key. Whether you would assign them any
> trust depends on whether you think this person is trustworthy enough to rely
> on their signatures on other people's keys.
> 
> HTH,
> 
> Peter.
> 
> -- 
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

Yes, you're right in that sense. I just wanted to put it in slightly less trust
so as to recognize it more easily. I don't want to sign my *old* key with my
new one either.
I'll have to rethink how I organize myself a bit in that aspect.

However, the issue at hand is another: even if I set a trust of 5 (ultimate),
the next screen still shows it as unknown and that doesn't change.

If I delete my keyring, and re-import both secret keys, only the first of both
that I set to ultimate is actually shown as ultimate, and the second is always
shown as unknown.

-- 
Hugo Osvaldo Barrera
A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the quoted text?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20150209/94c15c9d/attachment.sig>


More information about the Gnupg-users mailing list