[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GnuPG & mutt on Woody 3.0r2.

On Mon, 22 Dec 2003 19:45, Marcel Weber <mmweber@ncpro.com> wrote:
> s. keeling wrote:
> > gpg: Signature made Sun Dec 21 17:14:28 2003 MST using DSA key ID
> > 946886AE gpg: Good signature from "Trey Sizemore <trey@fastmail.fm>"
> > gpg: WARNING: This key is not certified with a trusted signature!
> > gpg:          There is no indication that the signature belongs to the
> > owner. gpg: Fingerprint: 683F FFE2 AA2D D341 6002  A973 8443 F068 9468
> > 86AE
>
> You have to establish a network of trust. If you do not trust this key
> (you have to sign it, to mark it trusted) or if you do not trust any key
> that has signed the above, you get exactly this result.

Signing a key you don't know is not a good idea, it's easy to accidentally 
upload a key...

There is a gpg option "lsign" which can be used for this, it's like a regular 
signature but it can never be exported.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
Reply to: