Walt Mankowski on 30 Jul 2005 13:14:31 -0000



Re: [PLUG] GPG Signed


On Sat, Jul 30, 2005 at 08:25:55AM -0400, Eric Roode wrote:
> 
> 
> Quoting Eugene Smiley <eug+plug@esmiley.net>:
> 
> > gyoza@comcast.net wrote:
> > > OK, that helps.  However, I just test signed a couple keys and the
> > > Validity didn't change even though I said I checked the key carefully.
> > > So, maybe it depends on a number of other signatures.
> >
> > With GPG there is a conf option that allows you to specify how many
> > trusted sigs are required to have a particular key appear as Valid.
> >
> > If x=2, it only takes two trusted keys signed by you to make a key
> > Valid. (total keys = 4, yours, theirs, and the 2 in parallel in between)
> >
> > If x=3, it takes three trusted keys signed by you to make a key
> > Valid. (total keys = 5, yours, theirs, and the 3 in parallel in between)
> >
> > etc.
> >
> > I believe the default is 3 although it's been a while and I don't
> > recall the variable name...
> 
> That doesn't sound right.  If gyoza *signed* the keys, they should be counted as
> valid, regardless of trust level.

Here's the relevant part from the gpg manpage:

       --completes-needed n
                 Number of completely trusted users to introduce a new
                 key signer (defaults to 1).

       --marginals-needed n
                 Number of marginally trusted users to introduce a new
                 key signer (defaults to 3)

The idea here is how you want to trust keys you haven't personally
signed yourself.  (This is the whole idea behind the web of trust.)

Let's assume I'm using the default values, and gpg's trying to decide
if Eric's signature is valid.  There are 3 possible cases where it
would say it's valid:

1.  I've signed Eric's key myself.

2.  I haven't signed Eric's key, but Alice has.  I've signed Alice's
    key, and completely trust her.

3.  I haven't signed Eric's key, but Bob, Carol, and Dave have.  I've
    signed each of their keys, and marginally trust each of them.

You can set the trust level when you sign a key, and change it with
"gpg --edit-key".

Walt

Attachment: signature.asc
Description: Digital signature
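
The three cases in the message above, as an added Python example that is not part of the original post and is not GnuPG's own code. It is a simplified model of how `--completes-needed` and `--marginals-needed` decide validity; the function name, key names and sample keyrings are constructed for illustration.

```python
# Simplified model of the validity rule described in the message above.
# Not GnuPG code: ignores expiry, revocation, per-user-ID validity and
# --max-cert-depth. All names and the sample keyrings are constructed.
ULTIMATE, FULL, MARGINAL, NONE = "ultimate", "full", "marginal", "none"


def valid_keys(signatures, ownertrust, me,
               completes_needed=1, marginals_needed=3):
    """Return the set of keys that are valid from `me`'s point of view.

    signatures: dict signer -> set of keys that signer has signed
    ownertrust: dict key -> trust level `me` assigned to its owner
    """
    trust = dict(ownertrust)
    trust[me] = ULTIMATE              # my own key anchors everything
    valid = {me}
    changed = True
    while changed:                    # repeat until no new key becomes valid
        changed = False
        signed = set().union(*signatures.values())
        for key in sorted(signed - valid):
            # Only signatures made by already-valid keys are counted.
            levels = [trust.get(s, NONE) for s in valid
                      if key in signatures.get(s, ())]
            if (ULTIMATE in levels
                    or levels.count(FULL) >= completes_needed
                    or levels.count(MARGINAL) >= marginals_needed):
                valid.add(key)
                changed = True
    return valid


# Constructed keyrings for the three cases, plus two that fail.
CASE1 = ({"walt": {"eric"}}, {})
CASE2 = ({"walt": {"alice"}, "alice": {"eric"}}, {"alice": FULL})
CASE3 = ({"walt": {"bob", "carol", "dave"}, "bob": {"eric"},
          "carol": {"eric"}, "dave": {"eric"}},
         {"bob": MARGINAL, "carol": MARGINAL, "dave": MARGINAL})
TWO_MARGINALS = ({"walt": {"bob", "carol"}, "bob": {"eric"},
                  "carol": {"eric"}}, {"bob": MARGINAL, "carol": MARGINAL})
# Alice is trusted but her key is unsigned by me, so her signature is ignored.
UNSIGNED_INTRODUCER = ({"alice": {"eric"}}, {"alice": FULL})

if __name__ == "__main__":
    for name in ("CASE1", "CASE2", "CASE3", "TWO_MARGINALS",
                 "UNSIGNED_INTRODUCER"):
        sigs, trust = globals()[name]
        print(name, "eric" in valid_keys(sigs, trust, "walt"))
```

The last two keyrings show the failure modes: two marginal introducers fall short of the default of 3, and owner trust assigned to a key that is not itself valid contributes nothing.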

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug