Hello, I want to find out what makes a key valid (and with which certification level): a certification by one of the systems keys or one or more certifications from the WoT. I think that it is important that applications show this information in key selection dialogs.
IIRC this has been discussed here a while ago and there is no way to get this information from GnuPG. I would like to know whether there is already software available which does this; no need to reinvent the wheel. If there isn't any I would do this (but maybe there is a better approach): 1) Find all keys which have ultimate trust. BTW: I noticed that a key becomes invalid if its certifying key expires and has complete trust. But if it has ultimate trust then the expiration does not make the certification invalid. Is this intentional? 2) Import all these keys plus the key to be checked (with import-clean) into a new keyring (with a separate trustdb). 3) If (the key was valid in the normal keyring and) the key is not valid in the check keyring then it is validated via the WoT. Otherwise I can look for the signature with the highest certification level (I am interested in this information). Another, related question: I was surprised to read the recommendation to create a local certification for keys which have been validated via the WoT. But the one who wrote that seems extremely competent to me with respect to OpenPGP. Is there a general concensus on that? What are your opinions? Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/ http://userbase.kde.org/Concepts/OpenPGP_Help_Spread OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
