* Ismael Valladolid Torres (email@example.com) [030916 11:26]: > Hi, > > When verifying a signature created by myself, I get: > > $ gpg --verify bookmarks.asc > gpg: Signature made Tue Sep 16 19:06:09 2003 CEST using DSA key ID > 1542E793 > gpg: Good signature from "Ismael Valladolid Torres <firstname.lastname@example.org>" > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the owner. > Primary key fingerprint: 392B ECD0 6AA2 5FF3 98F4 830F 1031 EEDA 1542 > E793 > > But, it seems like the self-signature is created! > > $ gpg --edit-key 1542E793 > gpg (GnuPG) 1.2.3; Copyright (C) 2003 Free Software Foundation, Inc. > This program comes with ABSOLUTELY NO WARRANTY. > This is free software, and you are welcome to redistribute it > under certain conditions. See the file COPYING for details. > > Secret key is available. > > pub 1024D/1542E793 created: 2003-08-09 expires: never trust: -/- > sub 1024g/65D78D35 created: 2003-08-09 expires: never > (1). Ismael Valladolid Torres <email@example.com> Your problem is indicated by the part that says "trust: -/-". Your own key should be ultimately trusted, but in your trustdb, it's not trusted at all. That's why verifying your signature warns you that the key is not trusted. Use the 'trust' command in the edit-key interface to assign yourself ultimate trust. good times, Vineet -- http://www.doorstop.net/ -- --Nick Moffitt A: No. Q: Should I include quotations after my reply?
Description: PGP signature