trust paths

Hauke Laging mailinglisten at
Fri Feb 27 22:45:36 CET 2015

Am Fr 27.02.2015, 22:30:41 schrieb Christoph Anton Mitterer:

> Obviously I'll need any intermediate keys (and enough of them that I
> personally decide it's trustworthy).

Once more we see the term that confuses nearly everyone:

You personally decide to trust a key – for it's certifications. That is 
not in any way related to the intermediate certifications for this key.

The WoT makes a key *valid*. What is needed for that is your personal 
decision, too, but on another level: That is configured in GnuPG (with 
--completes-needed and --marginals-needed). Unless you decide not to use 
the WoT and make your own signature based on the ones you see.

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150227/550e2294/attachment.sig>

More information about the Gnupg-users mailing list