On Dec 22, 2014 7:30 AM, "Haritwal, Dhiraj" <dhiraj.harit...@ap.sony.com> wrote: > > Thank you very much for all the explanation/links. Now things are bit clear. > Now I have to encrypt file with partner's Public Key. I tried with below command which is still showing warning message (gpg: 89709B71: There is no assurance this key belongs to the named user) whereas if I am checking partner_pubkey, it's showing full trust. How can I remove this message. Even I have added partner's public key as trusted. > > ./gpg --encrypt --recipient partner_pubkey --armor /tmp/test/data.CSV
I'm glad things are working better. To resolve the issue with the assurance message, manually verify that the key belongs to the recipient (e.g. meet in person or call them and verify the fingerprint of their key) and then sign the key using GnuPG. (gpg --sign-key 0xKEYID) In GnuPG you vouch that a particular public key belongs to a person (or organization) by signing their public key. This signature can be local or published publicly. "Trust" in GnuPG is different, and reflects how much you trust the other key to correctly vouch for the identity of others. If you set their key as fully trusted, keys that are signed by that key are treated by your copy of GnuPG with the same level of assurance as if you signed them yourself. Typically this should only be reserved for people you know to always check the identity of other people thoroughly and correctly before signing their keys. The default is for trust to be set to "marginal". By combining signatures and trust, one forms a "web of trust": https://en.wikipedia.org/wiki/Web_of_trust Cheers! -Pete
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
