On Fri, 2002-06-07 at 16:57, Jason 'vanRijn' Kasper wrote: > I'm using kmail from kde3 and gpg (GnuPG) 1.0.7 and am getting an error > saying "no valid and trusted" openpgp keys found whenever I try to > encrypt to someone who is on my keyring. > > When I try to send the e-mail, what I get is a "encryption key selection > - kmail" window that pops up. I can see all users on my public keyring, > but they all have yellow question marks next to the key id, and I'm > unable to select any of them and click "ok". In other words, while I > can highlight the user I want to encrypt to, the "ok" button stays > disabled. Why encrypt if you don't know if the key in question belongs to the intended recipient? If you know you can trust the key, sign it. If you *have* signed the keys and still get the problem: older versions og gpg (1.0.6 and earlier) have always implicitly trusted any key with an available secret key. With gpg 1.0.7 you have to gpg --edit your own keys and set 'trust' to 'ultimate'. (Don't ask me why the behaviour was changed, though.) always-trust is BAD - it undermines the whole idea of gpg key signatures. If you want to encrypt to somebody but not upload a signature, sign it locally (iirc: --lsign) cheers -- vbi -- secure email with gpg avbidder@fortytwo.ch: key id 0x92082481 avbidder@acter.ch: key id 0x5E4B731F
Attachment:
signature.asc
Description: This is a digitally signed message part