This is true, but blind signing of public keys is not
recommended. Unless you are really sure that the message
and key come from the purported sender, you could be signing
a fraudulent key.
The PGP/GPG model is that of a web of trust, built up over
time. With a list as geographically diverse as this one,
key-signing parties become a bit expensive. Key signing can
still take place where possible, and over time, the web will
be established.
I would rather be unable to verify the signature than to
blindly sign a key.
About me:
New to Mutt, chose it because of its PGP integration.
I seem to have made a big jump from yahoo web mail to
Mutt/Linux. I would have preferred an Xwindows based
client, because I sometimes receive HTML mail, and very
often receive web links in email that I want to immediately
`"click". Other than that, I like Mutt, although I am still
learning it.
Thanks for creating Mutt!
- Barry Angell
On Sun, Sep 24, 2000 at 09:30:25AM -0700, Bruce J.A. Nourish wrote:
> On Sun, Sep 24, 2000 at 02:52:02AM -0400, Russell Hoover wrote:
> > Why do I get this warning as part of the PGP output of every single
> > signed message on this list (except my own)?
> >
> > gpg: WARNING: This key is not certified with a trusted signature!
> > gpg: There is no indication that the signature belongs to the owner.
> >
> > What have I set wrong?
> Nothing is wrong with your mutt config -- what you need to do is use gpg to
> 'sign' the key with your own key, to indicate that you know this key belongs
> to who it claims to belong to.
>
> Normaly you would do this using gpg --sign-key <userid>
>
> I have the following macro defined - it is a disgusting hack but I think its
> neat. Try it:
>
> #
> macro pager \Cp \
> "|gpg --list-pack|head -n1|cut -b43-|xargs gpg --sign-key\n<exit><display-message>"
>"Attempt to sign key"
> --
> [- Bruce J.A. Nourish (email and finger) <[EMAIL PROTECTED]> -]
> [- GPG key ID BE062236 (75C2 6784 B600 F7F4 E35E A039 F62C 5AC7 BE06 2236) -]
> [- Fax (775) 665-5938 Phone (480) 763-6970 Pgr (602) 201-3376, ICQ 38344897 -]
> [- Web http://www.kode187.net - Postal: PO Box 51611, Phoenix AZ 85076-1611 -]
-- Barry Angell
---------------------------------
PGP mail accepted.
