On Fri, Jun 11, 2010 at 06:21:14PM +0000, Camale??n wrote: > On Fri, 11 Jun 2010 21:03:22 +0300, Alexander Batischev wrote: > > > Some thoughts which just came to my head: can it be because of lack of > > trusted keys? I did not set anyone's key as trusted, so I don't have web > > of trust. This still don't explain (in my opinion, at least) why my own > > signature can't be verified. > > Exactly (a very good explanation about that, here): > > http://wiki.mutt.org/?MuttGuide/UseGPG
Yeah, I've read it before, but still can't understand... > In order to verify a signed message, either you have to previosuly import > the key into your keyring or you need to setup Mutt to retrieve the key > from public servers. I have all the keys retrieved (previously, I run gpg --recv-keys keyID every time I face with new key; now I just set "keyserver-options auto-key-retrieve" in ~/.gnupg/gpg.conf, so all new keys are retrieved automatically). And it still doesn't explain why my own signature can't be verified, too. When I open my own message, I have this on the top, right between headers and body: [-- PGP output follows (current time: Fri Jun 11 21:26:24 2010) --] gpg: Signature made Fri Jun 11 20:48:09 2010 EEST using DSA key ID 69093C81 gpg: Good signature from "Alexander Batischev <eual...@gmail.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: F870 A381 B5F5 D2A1 1B35 4D63 A1A7 1C77 6909 3C81 [-- End of PGP output --] I'm little worried about "not certified with a trusted signature" - it's my own signature, it should be trusted, innit? -- Regards, Alexander Batischev 1024D/69093C81 F870 A381 B5F5 D2A1 1B35 4D63 A1A7 1C77 6909 3C81
signature.asc
Description: Digital signature