[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: kmail "no valid and trusted" error

On Fri, 2002-06-07 at 16:57, Jason 'vanRijn' Kasper wrote:
> I'm using kmail from kde3 and gpg (GnuPG) 1.0.7 and am getting an error
> saying "no valid and trusted" openpgp keys found whenever I try to
> encrypt to someone who is on my keyring.  
> When I try to send the e-mail, what I get is a "encryption key selection
> - kmail" window that pops up.  I can see all users on my public keyring,
> but they all have yellow question marks next to the key id, and I'm
> unable to select any of them and click "ok".  In other words, while I
> can highlight the user I want to encrypt to, the "ok" button stays
> disabled.

Why encrypt if you don't know if the key in question belongs to the
intended recipient?

If you know you can trust the key, sign it. 

If you *have* signed the keys and still get the problem: older versions
og gpg (1.0.6 and earlier) have always implicitly trusted any key with
an available secret key. With gpg 1.0.7 you have to gpg --edit your own
keys and set 'trust' to 'ultimate'. (Don't ask me why the behaviour was
changed, though.)

always-trust is BAD - it undermines the whole idea of gpg key
signatures. If you want to encrypt to somebody but not upload a
signature, sign it locally (iirc: --lsign)

-- vbi

secure email with gpg            avbidder@fortytwo.ch: key id 0x92082481
                                 avbidder@acter.ch:    key id 0x5E4B731F

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: