Re: PGP signatures.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2008-05-27 at 22:10 -0400, Todd Zullinger wrote:
> Aaron Konstam wrote:
> > I have the file set up as you indicate and evolution indicates the
> > key is invalid. Maybe its evolutions fault.
> 
> The issue that I was responding to was getting the key automatically
> retrieved from a keyserver.  That is a separate issue from validating
> the key.  If evolution tells you that the key is invalid, it would
> indicate to me that it did retrieve the key correctly.  It then could
> not find any trusted signatures on that key, thus the key is
> "invalid."
> 
> For a key to be valid, it needs to be signed by a key to which you
> have given sufficient trust.  Your own key is ultimately trusted.  You
> can assign various levels of trust to other keys (once they have been
> signed by a trusted key).  By default, gpg will consider a key valid
> if it signed by at least one fully or ultimately trusted key, or by 3
> or more marginally trusted keys.
Ok, I agree with your analysis. It can't be ruled as invalid if had not
been retrieved. But I am ignorant. I do not know how to do the signing
processes you describe. Is there a simple explanation available?
--
=======================================================================
Beware of the Turing Tar-pit in which everything is possible but nothing
of interest is easy.
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux