On Fri, 2002-06-07 at 16:57, Jason 'vanRijn' Kasper wrote:
> I'm using kmail from kde3 and gpg (GnuPG) 1.0.7 and am getting an error
> saying "no valid and trusted" openpgp keys found whenever I try to
> encrypt to someone who is on my keyring.
>
> When I try to send the e-mail, what I get is a "encryption key selection
> - kmail" window that pops up. I can see all users on my public keyring,
> but they all have yellow question marks next to the key id, and I'm
> unable to select any of them and click "ok". In other words, while I
> can highlight the user I want to encrypt to, the "ok" button stays
> disabled.
Why encrypt if you don't know if the key in question belongs to the
intended recipient?
If you know you can trust the key, sign it.
If you *have* signed the keys and still get the problem: older versions
og gpg (1.0.6 and earlier) have always implicitly trusted any key with
an available secret key. With gpg 1.0.7 you have to gpg --edit your own
keys and set 'trust' to 'ultimate'. (Don't ask me why the behaviour was
changed, though.)
always-trust is BAD - it undermines the whole idea of gpg key
signatures. If you want to encrypt to somebody but not upload a
signature, sign it locally (iirc: --lsign)
cheers
-- vbi
--
secure email with gpg avbidder@fortytwo.ch: key id 0x92082481
avbidder@acter.ch: key id 0x5E4B731F
Attachment:
signature.asc
Description: This is a digitally signed message part