On Wed, 2008-05-28 at 08:04 -0500, Aaron Konstam wrote: > On Tue, 2008-05-27 at 22:10 -0400, Todd Zullinger wrote: > > Aaron Konstam wrote: > > > I have the file set up as you indicate and evolution indicates the > > > key is invalid. Maybe its evolutions fault. > > > > The issue that I was responding to was getting the key automatically > > retrieved from a keyserver. That is a separate issue from validating > > the key. If evolution tells you that the key is invalid, it would > > indicate to me that it did retrieve the key correctly. It then could > > not find any trusted signatures on that key, thus the key is > > "invalid." > > > > For a key to be valid, it needs to be signed by a key to which you > > have given sufficient trust. Your own key is ultimately trusted. You > > can assign various levels of trust to other keys (once they have been > > signed by a trusted key). By default, gpg will consider a key valid > > if it signed by at least one fully or ultimately trusted key, or by 3 > > or more marginally trusted keys. > Ok, I agree with your analysis. It can't be ruled as invalid if had not > been retrieved. But I am ignorant. I do not know how to do the signing gpg --sign-key <name> See gpg(1). poc -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
