Hello, I'd like to ask for tips and ideas to make more convenient use of the keyrings installed by the debian-keyring package. Currently, I have mutt pass `--keyring /usr/share/keyrings/...` for each of the keyrings, so that I can verify signatures on e-mails. It would be more natural to just add `keyring /usr/share/keyrings/...` to ~/.gnupg/gpg.conf, but when I tried this I often got errors from gpg trying to write to the keyrings in /usr/share/keyrings. Is there some way to mark a keyring as read-only? Another issue is that I'd like to mark the keys in the Debian keyrings as trusted. The default way of using PGP requires quite short trust paths in order to consider a key trusted, but since our keyring is curated, it is much less important for there to exist a short trust path between my key and a DD's key -- if it's in the keyring, I have very good reason to believe it really belongs to the person named in the UID. Is there some way to mark a whole keyring as trusted? Thanks! -- Sean Whitton
Attachment:
signature.asc
Description: PGP signature