certification of signatures
Todd Zullinger
tmz at pobox.com
Fri Oct 17 22:29:05 UTC 2008
Markku Kolkka wrote:
> There's a lack of trust, not lack of certification. Those are two
> different things when talking about the GPG/PGP "web of trust"
> certification scheme. You haven't specified the level of trust that
> you have on the keys used to certify the Fedora signing key.
Setting the trust level on the key won't make the "key is not
certified with a trusted signature!" warning go away though.
The only way for the key to be treated as valid (which makes the
warning go away) is for a trusted key (or keys) to sign it. This
means you could sign the key yourself (preferably with a local
signature rather than an exportable signature) or find enough other
signatures on the key made by people you trust.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nothing strengthens authority so much as silence.
-- Charles De Gaulle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20081017/47fdff89/attachment-0001.sig>
More information about the fedora-list
mailing list