Bug list update, 02.12.2002

[Miguel Coca]

--J2SCkAp4GZ/dPZZf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Dec 04, 2002 at 12:36:45 +0100, Markus Gerwinski wrote:
> Miguel Coca wrote:
> > If someone deletes the default key, I think we should assume he knows w=
hy
> > he's doing it :-) And, anyway, he'll be reminded to create a new one wh=
en
> > the program restarts and no secret key is found (well, it should... doe=
sn't
> > seem to work right now).
>=20
> That one wouldn't warn the user if he had two secret keys and deleted the
> default key, but still has another one.

In that case, the correct behaviour would be to make the other key the
default one.

> > That happens somewhere inside gpg. If you want a description of the mod=
el
> > used, you can take a look at the GPH:
> >=20
> >         http://www.gnupg.org/gph/en/manual.html#AEN335
>=20
> ... I see. So, a key is looked upon as valid, if
>=20
>  - it's signed by someone I've got at least "full" ownertrust to or

Yes, but that signing key must be valid too. Also, three marginally trusted
keys can validate a key, too.

>  - it's signed by someone who's key is signed by someone I've got at least
>    "full" ownertrust to.

Not considering marginally trusted keys, all keys along the path (up to five
levels) must be both valid and fully trusted.

> Else, it's invalid. Right? (Sorry if it's a stupid question, but I want t=
o be
> sure not to run into my before misunderstanding again.)

Right.

Thanks,
--=20
Miguel Coca                                         e970095@zipi.fi.upm.es
PGP Key 0x27FC3CA8                         http://zipi.fi.upm.es/~e970095/

--J2SCkAp4GZ/dPZZf
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE97oCcjE3Htif8PKgRAvq2AKCN3nt622YbMvIKMwYMO9T5zfh9vwCgw/aS
1vkyzl8pqW0/HEVyqPXgndc=
=mnmC
-----END PGP SIGNATURE-----

--J2SCkAp4GZ/dPZZf--