-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Sven Radde escribió: > Faramir schrieb: >> I was reading again this message, and I'd like to know: is there any >> point about signing a key _but not giving any trusted status_ ? > Yes. > Signing the key makes it valid for you (i.e. you believe that the person indicated in the key's User-IDs is the person who actually has control over the secret key). > Assigning trust to a key means that you believe that the person owning the secret key is careful before he/she signs other people's keys (i.e. you consider other keys valid if they are signed by that person without checking the UID yourself). > > It can very well be the case that you are sure that a key is valid but you do not trust the owner to make this kind of assertion about other keys. > Think of a long time friend whose key you have gotten during a personal meeting but about who you know that he doesn't understand the GnuPG trust concept at all. You can obviously sign his key, but you wouldn't trust any signatures on other people's keys by him. > > HTH, Sven
I got the idea now, thanks. But I still have one more question: there are also some levels of how much valid is the key I am signing... or at least, some levels about how carefully I have checked the key is valid, so, what is the requisite for each level? I am using an email address that clearly doesn't show my real name, and my key's User ID also doesn't give any personal detail about me, but somebody can trust it is "me" the one that is writing this message, and also can trust I am not impersonating someone else, so would it be ok if that person sign my key as 100% valid? What I am really asking about, is what is the "standard" way to chose what level to use when signing a key, and if is "normal" to sign the key of other people in this list. Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBAgAGBQJIHwlHAAoJEIISGkVDGUEOBxwH/3RcQDhxypVtk6Lfjhc1PGqk rwFxomfqjFTGiyLH3v0DoqUZK9H7ftV/S/eIj6LiLV44W2LsNjQYnwbRitlah4zX WLL9LxjpI56gcOMviCsRU3RKyV0XVvOFq2D7ROax3AEj+2479yrESGF3IQesEIiE Ufiz2yBBM50wrgTsYWq4MMm439kZ7eDmX4f7fhHPoa9yyvohirJKcQ+1fxnA34zS 06zAU93shk54KtzX27BoX72MHT6UfWvLPGcUvPe+hVPtefFj2nHNL2PS+UiSXbZ6 suzYKLUpvIuwlPniQrHxlfkNegzzclLdjtTN1eZub02AKIxg/6DXnfBpLIsg0K0= =tf2h -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
