begin quoting what Peter T. Abplanalp said on Mon, Apr 01, 2002 at 11:00:39AM -0700: > > ok. just to see how things work, i lsigned the key that i got from the > keyserver when i opened the email i am responding to. presumably your > key and email ;-). now when mutt invokes gpg, i get the same message of > "good signature but no validity." that being the case, what is the purpose > of lsigning a key?
Something isn't configured properly in your GnuPG. It sounds like it doesn't trust YOUR key. > as i asked above, why? what purpose does lsigning serve? When things are configured properly, it establishes that you trust the key. > so you are saying it is a totally subjective judgement call? that means > i could sign all the keys i have from this list and send everyone a copy > back and that would be ok? No, that would be BAD judgement, and everybody would set their trust on your key to nil. > angry. especially due to the fact that my one pgp friend wouldn't sign > my key unless i brought it to him on a floppy. he didn't check my id > presumably because he felt confident he could still recognize me. That's good judgement.
msg26472/pgp00000.pgp
Description: PGP signature
