On Thu, 10 Oct 2024 17:09, Björn Persson said: > This is how much you trust the owner of that key when they sign other > keys. Before you can trust the owner, you need to know who the key > belongs to.
Right, that is the case in the default trust model. My original answer was misleading. > Such assurance is provided by signing the key. Maybe the signatures > have been lost somehow, or the key that signed all the other keys is For example, in contrast to the command line the Kleopatra frontend creates non-exportable key signatures. On the command line or with edit-key you ca create such non-exportable signature by using --quick-lsign-key or "lsign". Now if you do an --export those signatures are not exported (they are non-exportable/local). GnuPG has a --export-option backup which exports everything but the old 2.0 version does not have this option. It might already have the "--export-options export-local-sigs", but I was not sure. Thus with 2.0 the export command gpg --export --export-options export-local-sigs >all-keys-with-all-sigs.pub might work. With 2.3 gpg --import --import-options restorre < all-keys-with-all-sigs.pub would do the jub. If the restore option is not yet implemented in that old 2.3 version it can be replaced by "import-local-sigs". Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
