out-of-key UIDs [was: ADK's]
Ineiev
ineiev at gnu.org
Thu May 4 11:43:56 CEST 2023
On Thu, May 04, 2023 at 09:52:54AM +0100, Andrew Gallagher wrote:
> > $ gpg --group fnord at test.eu=BD9D4DEE7B2FF1CBEF2EE0C4E0ACD3E0CBE7874A --list-keys fnord at test.eu
> > gpg: error reading key: No public key
...
> —list-keys doesn’t expand groups. Try this instead:
>
>
> andrewg at serenity % gpg --group fnord at test.eu=BD9D4DEE7B2FF1CBEF2EE0C4E0ACD3E0CBE7874A -r fnord at test.eu -e < /etc/shells > shells.gpg
> gpg: 0x40F9B9601900E974: There is no assurance this key belongs to the named user
I tried something like this with my MUA, I believe that doesn't work:
it first looks for appropriate keys, probably using --list-keys;
in fact, it insists on choosing a single key when multiple ones
are available.
...
> It is NOT certain that the key belongs to the person named
> in the user ID. If you *really* know what you are doing,
> you may answer the next question with yes.
>
> Use this key anyway? (y/N) y
This is another issue ADK might handle differently---if gpg skipped
validation of the donor keys (where ADK subkeys come from),
I wouldn't have to certify any UIDs in it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230504/3b59589f/attachment.sig>
More information about the Gnupg-users
mailing list