Re: GPG and Signing
On Sun, Apr 01, 2007 at 02:24:39PM +0200, Florian Kulzer wrote:
> On Sun, Apr 01, 2007 at 08:11:06 -0400, Michael Pobega wrote:
> > On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
> > > Ron Johnson wrote:
> > >
> > > > > What are the advantages to having it?
> > > >
> > > > Using a web of trust, you can validate whether the entity that
> > > > claims to have sent the email actually sent the email.
> > >
> > > Which makes me wonder, how is anyone to establish such a web of trust
> > > in this community?
> > >
> > > Regards,
> > > Andrei
> > > P.S. I just setup Claws-Mail to use signing a few days ago. This thread
> > > looks like a good opportunity to start using it here.
> > >
> >
> > I got this for your mail:
> >
> > [-- PGP output follows (current time: Sun 01 Apr 2007 08:09:36 AM EDT)
> > --]
> > gpg: Signature made Sun 01 Apr 2007 04:27:11 AM EDT using DSA key ID
> > 70859BD9
> > gpg: Can't check signature: public key not found
> > [-- End of PGP output --]
> >
> > I can't figure out how to set it up. The articles mention only talk
> > about PGP, not GPG.
>
> Make sure you have something like this in your ~/.gnupg/gpg.conf:
>
> keyserver-options auto-key-retrieve
> keyserver hkp://subkeys.pgp.net
>
> (You can use another keyserver, of course. All the "standard" keyservers
> synchronize their key data with each other regularly.)
>
Not all of the GPG keys are verifying, Andrei's still isn't but others
are.
Is there any way to verify individual keys?
Reply to: