Am So 15.09.2013, 21:11:04 schrieb Philip Jägenstedt: > In very concrete terms, how can I determine which keys I need to > import so that the GnuPG dist sig (4F25E3B6) has full validity?
> in order to find > the shortest paths and then manually import the keys to verify that it > is in fact true... The question does not make much sense IMHO because this is not only about importing keys but also about assigning certification trust to the keys along the path. In order to seriously assign certification trust to a key you have to know the key owner, the certification policy (for that key) and the security level of the mainkey. Why should you not already have imported a key if you have all these pieces of information available? Sounds to me like you are willing to assign certification trust to unknown keys just because you have to in order to advance in the signature path. Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/ OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
