On Tue, 2008-05-27 at 22:10 -0400, Todd Zullinger wrote:
Aaron Konstam wrote:
> I have the file set up as you indicate and evolution indicates the
> key is invalid. Maybe its evolutions fault.
The issue that I was responding to was getting the key automatically
retrieved from a keyserver. That is a separate issue from validating
the key. If evolution tells you that the key is invalid, it would
indicate to me that it did retrieve the key correctly. It then could
not find any trusted signatures on that key, thus the key is
"invalid."
For a key to be valid, it needs to be signed by a key to which you
have given sufficient trust. Your own key is ultimately trusted. You
can assign various levels of trust to other keys (once they have been
signed by a trusted key). By default, gpg will consider a key valid
if it signed by at least one fully or ultimately trusted key, or by 3
or more marginally trusted keys.
Ok, I agree with your analysis. It can't be
ruled as invalid if had not
been retrieved. But I am ignorant. I do not know how to do the signing
processes you describe. Is there a simple explanation available?
--
=======================================================================
Beware of the Turing Tar-pit in which everything is possible but nothing
of interest is easy.
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam(a)sbcglobal.net