Security GPG Key question

[ral77 <ral77 bellsouth net>]

I have setup the keyserver pgp.mit.edu and  gpg --recv-key 0x731002FA . 
Then set the trust with the interactive gpg --edit-key 0x731002FA . When 
I run rpm --checksig -v kernel-2.4.20-30.7.legacy.i686.rpm

kernel-2.4.20-30.7.legacy.i686.rpm:
MD5 sum OK: 8679be0ce60e842d0ceab9e3084cefe8
gpg: WARNING: --honor-http-proxy is a deprecated option.
gpg: please use "--keyserver-options honor-http-proxy" instead
gpg: Warning: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: Signature made Fri 20 Feb 2004 11:07:04 PM EST using DSA key ID 
731002FA
gpg: Good signature from "Fedora Legacy (http://www.fedoralegacy.org) 
<secnotice fedoralegacy org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the 
owner.
Fingerprint: D66D 121F 9784 5E7B 2757  8C46 108C 4512 7310 02FA

My question is about the  gpg: WARNING: This key is not certified with a 
trusted signature!

Is this related to the note on the web site  at  
http://www.fedoralegacy.org/about/security.php

*"Note:* The GPG key on the Fedora Legacy web site is alone without any 
signatures. This is what we use to sign packages as there is a bug with 
RPM when you use a key which has signatures on it. The key on the 
key-server may gather signatures from time to time, but the key on our 
site will not reflect this."

Yesterday and the monthly LUG meeting one of the security folks walked 
me through the pgp setup on my rh8 server
and I'm referencing the history file and attempting the setup on a rh72 
server. I may have a procedure error as this is new for me.

Best regards,
Robert L.