Re: GNU-PG verifying question/confusion.

To: debian-user@lists.debian.org
Subject: Re: GNU-PG verifying question/confusion.
From: Jonas Steverud <d4jonas@dtek.chalmers.se>
Date: 15 Mar 2000 00:53:35 +0100
Message-id: <[🔎] wtn4sa9f6rk.fsf@licia.dtek.chalmers.se>
In-reply-to: Martin Bishop's message of "Wed, 15 Mar 2000 10:41:17 +1100"
References: <[🔎] 20000315104117.A15183@blade.net>

Martin Bishop <martinbishop@crosswinds.net> writes:

[...]
> My question:
> Does this means that the linux-2.3.41.tar.bz2 is no good or
> that the "sign" file is no good?

This meant that GPG couldn't find any "trust path" from a trusted key
to the keys used to sign the file. I really don't know how the "trust
path" works but <URL:http://www.gnupg.org> is a good place to start.

The signature is made using the key ("Good signature from ...") but
the question is - can you trust the key? This is what (if I'm not
mistaken - and that would be embarrassing) GPG complains about.

-- 
( GnuPG/PGP key @ www.dtek.chalmers.se/~d4jonas/    !    Wei Wu Wei    )
( U2MoL, Roleplaying, LaTeX, Emacs/Gnus, etc.       ! To Do Without Do )

Reply to:

References:
- GNU-PG verifying question/confusion.
  - From: Martin Bishop <martinbishop@crosswinds.net>

Prev by Date: Re: GNU-PG verifying question/confusion.
Next by Date: 4 Things
Previous by thread: Re: GNU-PG verifying question/confusion.
Next by thread: 4 Things
Index(es):
- Date
- Thread