Re: ...key belongs to ...

Sun, 30 May 2010 05:33:59 -0700 

On Sun, 30 May 2010 00:58:57 +0000 (UTC)
"Michael D. Berger" <m_d_berger_1...@yahoo.com> wrote:

> On Sat, 29 May 2010 19:46:29 -0500, John Clizbe wrote:
> 
> > Michael D. Berger wrote:
> >> On a Linux box, in encrypting a file with gpg, I get this query:
> >> 
> >>    It is NOT certain that the key belongs to the person named in
> >> the user ID.  If you *really* know what you are doing, you may
> >> answer the next question with yes.
> >> 
> >>    Use this key anyway? (y/N) n
> >> 
> >> Now in the context in which this is being used, there is no
> >> uncertainty regarding key ownership, and the encryption is part of
> >> a bash script. The query stops the script.
> >> 
> >> Therefore, how can I prevent this query?
> > 
> > The easiest is to either
> > 
> > a) (l)sign the key
> > 
> > or
> > 
> > b) add '--trust-model always' to the command line
> 
> I went to the account in which the key pair was generated
> and tried to sign the key.  I got that the key is already
> signed.  Was there perhaps something in the export of
> the public key that might have gone wrong?  Or, perhaps,
> is there some other signing that is necessary?
> 
> Thanks again.
> Mike.
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

You got that it's already signed because it's self signed. Your error
is akin to the message a web browser gives you when the site has a
self-signed certificate. There is no guarantee that the certificate
comes from the entity it says it does.  i.e. you have nothing but the
"word" of the certificate confirming its identity.

You need to go into the account performing the encryption, import the
public key in question if you haven't already, and sign it *there*.
Basically, confirming to gpg that you have independently verified this
key and know it to be valid.

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to