Mailing List Archive

Thomas Zander <zander@microweb.nl> writes:

> gpg: Signature made Wed Jul 28 16:50:13 1999 MEST using DSA key ID 0A0588D5
> gpg: Good signature from "Thomas Zander <zander@earthling.net>"
> gpg: WARNING: Using untrusted key!

I just checked it:
[.-- PGP output follows (current time: Wed Jul 28 17:58:26 1999) --]
gpg: Signature made Wed Jul 28 17:58:05 1999 CEST using DSA key ID 621CC013
gpg: Good signature from "Werner Koch <werner.koch@guug.de>"
[-- End of PGP output --]

and as you can see it works.

> I tried the edit-key, and set the trust to 4 (full), so what am I doning wrong?

This has nothing to do with the validity of the key - what you set
there is the amount of trust you have in the holder of that key to
correctly sign _others keys_ so that he can act as an introducer of
this other key.

When you use --edit-key for on of you own keys, you should see a line
like:

pub 1024D/621CC013 created: 1998-07-07 expires: 2002-11-01 trust: -/u

Trust is here meaningless, so the undefined ownertrust ("-") doesn'nt
matter. The validity of the key is given after the slash ("u") and of
course this should be "u" for ultimately trusted becuase you have
accesss to the secret key too. BTW, gpg doesn't noch check, whehter
you are the legitimate owner of the secret key (if qould need the
passphrase to do that) but simply assumes that you are the owner if
you have acces to that key.

From what you reported, I can't tell you where your problem might be.
Please check again.

--
Werner Koch at guug.de www.gnupg.org keyid 621CC013

> Thomas Zander <zander@microweb.nl> writes:
>
> > gpg: Signature made Wed Jul 28 16:50:13 1999 MEST using DSA key ID 0A0588D5
> > gpg: Good signature from "Thomas Zander <zander@earthling.net>"
> > gpg: WARNING: Using untrusted key!
>
> I just checked it:
> [.-- PGP output follows (current time: Wed Jul 28 17:58:26 1999) --]
> gpg: Signature made Wed Jul 28 17:58:05 1999 CEST using DSA key ID 621CC013
> gpg: Good signature from "Werner Koch <werner.koch@guug.de>"
> [-- End of PGP output --]
>
> and as you can see it works.

You are right, the gpg command line works. Just as soon as I used it in elm
I got that error. I looked at the commandline elm (and gpgpgp) produced and
it is as follows:
gpg --batch --always-trust --decrypt

When I tried this on the command line I got the same problem, see above.
the option --always-trust was the one generating the above message.

Is it a bug? I am still using 0.9.8

Tnx


--
Thomas Zander zander@microweb.nl
History repeats itself, it has to, nobody ever listens OpenPGP key: 0588D5

zander@microweb.nl writes:

> > > gpg: WARNING: Using untrusted key!

> When I tried this on the command line I got the same problem, see above.
> the option --always-trust was the one generating the above message.

No that is a feature. I'll make it go away ehen the option --quiet is
active.

--
Werner Koch at guug.de www.gnupg.org keyid 621CC013

zander@microweb.nl writes:

> > > gpg: WARNING: Using untrusted key!

> gpg --batch --always-trust --decrypt
>
> When I tried this on the command line I got the same problem, see above.
> the option --always-trust was the one generating the above message.
>
> Is it a bug? I am still using 0.9.8

Not it is a feature: A warning that you there is no evidence that the
key belongs to the owner.

Mutt (the successor of elm) has a _much_ better interface to pgp and
gpg (especially the new versions available by CVS)


--
Werner Koch at guug.de www.gnupg.org keyid 621CC013