Hi all, Let's assume that I have signed enough keys and assigned enough ownertrust so that if I had all the world's keys locally and did `gpg --list-key --list-options show-uid-validity` I would see a bunch of keys as valid via the web of trust.
Is there a way to determine if a given key would be valid in this case without actually importing all the world's keys? It seems like the keyserver ought to be able to find trust paths and that the keys could then be downloaded and verified locally, but I've not found anything to do this. The practical problem I'm trying to solve is how to determine if a signed git tag is in fact from a key I can trust without a lot of manual work. -- Philip Jägenstedt _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users