Setting trust is separate from signing a key (at least from gpg's POV). Your trust settings are local and not exported with the key like a signature.
You can trust a key you didn't sign (if it's wise to do so is an other question) and you can also distrust a key you did sign. gpg uses the trust to compute how much it can trust (key-) signatures made by that key. So it's possible that you trust a key you didn't sign because you trust enough people who signed this key. -- a key is put in "trusted keys" without it is signed https://bugs.launchpad.net/bugs/328735 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs