Re: ISO md5sum signing paranoia

To: debian-amd64@lists.debian.org
Cc: Ernest ter Kuile <ernest@terkuile.ch>
Subject: Re: ISO md5sum signing paranoia
From: vitko <vitk0@seznam.cz>
Date: Fri, 30 Sep 2005 10:08:19 +0200
Message-id: <[🔎] 433CF273.9040303@seznam.cz>
In-reply-to: <[🔎] 200509292108.31315.ernest@terkuile.ch>
References: <[🔎] 20050927101326.GA25064@dusk.harfang.homelinux.org> <[🔎] 200509271555.04771.joel48@ischool.washington.edu> <[🔎] 433C1C35.2010804@seznam.cz> <[🔎] 200509292108.31315.ernest@terkuile.ch>

The idea is that either YOU meet these people, or that somebody you trust didit for you, or that somebody you trust knows somebody he trusts who knowsthis trusty gal, who had a relation with a bloke, who met the guy at thiscongress wich he now trusts.


Yes, that is the idea of signing the keys by CA. It seems gpg supports this:

<quote>
gpg: WARNING: This key is not certified with a trusted signature!
</quote>

Does it mean that the key is certified, but I miss key of certificator; then
I'd like to know where to get this certificate authority key; OR does it mean
this key is not certified at all?

Vit

Reply to:

Follow-Ups:
- Re: ISO md5sum signing paranoia
  - From: Gabor Gombas <gombasg@sztaki.hu>
- Re: ISO md5sum signing paranoia
  - From: Ernest ter Kuile <ernest@terkuile.ch>

References:
- Kernel compilation failure
  - From: Gilles <gilles@harfang.homelinux.org>
- Re: Kernel compilation failure
  - From: Joel Johnson <joel48@ischool.washington.edu>
- ISO md5sum signing paranoia
  - From: vitko <vitk0@seznam.cz>
- Re: ISO md5sum signing paranoia
  - From: Ernest ter Kuile <ernest@terkuile.ch>

Prev by Date: Gtk/Gnome software only english
Next by Date: Re: Wireless INPROCOMM 2220 (MAYBE) WORKS!
Previous by thread: Re: ISO md5sum signing paranoia
Next by thread: Re: ISO md5sum signing paranoia
Index(es):
- Date
- Thread