Re: Encrypt Error - There is no assurance this key belongs to the named user
On 10/05/2010 09:57 PM, Larry Brower wrote: Have you verified it is trusted on the system you are trying to use it on? Perhaps the key isn't trusted. This is not about trust for this key -- it is about validity. The point is that the key does not have a valid binding to its User ID, so encrypting to the User ID isn't going to work without prompting. If the User ID + Key have been certified by some third party whose certifications you're happy to rely on (and whose key already has a valid binding to its user ID), you should mark that third party as fully trusted. Then their certifications will be acceptable, and the target key will have a valid binding to its User ID. Note that you'll need at least one key in your keyring to be marked as ultimate ownertrust, in order to get the chain started someplace. Usually, you'd mark your own key with ultimate ownertrust, since (presumably) you know for sure which key is yours. hth, --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Encrypt Error - There is no assurance this key belongs to the named user
I am getting this error when trying to encrypt a file using a public key generated by PGP Desktop 10.0.2 (Build 13). I am using gpg (GnuPG) 1.4.5. I think the error is being caused by the validity setting for this key in my keyring which is validity: unknown. Two questions: First, is there a way to set the validity parameter in the version of GnuPG I am using. Second, are there any known incompatibilities between PGP Desktop 10.0.2 (Build 13) and gpg (GnuPG) 1.4.5? Thank You in advance for your assistance. Tom Chitwood MCP, MCSE, CNA Wellpoint Account Information Technology Services Americas Global Services, IBM 818.234.4118___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
Robert, This is a error that is preventing us from encrypting. The key has been trusted and signed. pub 2048R/F56DBCBE created: 2010-09-28 expires: never usage: SC trust: full validity: unknown sub 2048R/CEA16A49 created: 2010-09-28 expires: never usage: E [ unknown] (1). Patrick Ashbrook pashbr...@chcw.com Tom Chitwood MCP, MCSE, CNA Wellpoint Account Information Technology Services Americas Global Services, IBM 818.234.4118 From: Robert J. Hansen r...@sixdemonbag.org To: gnupg-users@gnupg.org Date: 10/05/2010 01:07 PM Subject: Re: Encrypt Error - There is no assurance this key belongs to the named user Sent by: gnupg-users-boun...@gnupg.org On 10/5/2010 2:16 PM, Thomas Chitwood wrote: I am getting this error when trying to encrypt a file using a public key generated by PGP Desktop 10.0.2 (Build 13). I am using gpg (GnuPG) 1.4.5. I think the error is being caused by the validity setting for this key in my keyring which is validity: unknown. Is this an error (something that actually prevents you from encrypting), or is it just a warning (letting you know about something, but not preventing the encryption)? First, is there a way to set the validity parameter in the version of GnuPG I am using. This is done by validating the key and signing it with your own key. If you want to shut off all validation checks, putting --trust-model always on the command line will do that. Second, are there any known incompatibilities between PGP Desktop 10.0.2 (Build 13) and gpg (GnuPG) 1.4.5? None worth mentioning, but I believe a security vulnerability has been discovered which affects version 1.4.5. You may want to consider upgrading to the latest 1.4 (1.4.10 as of this writing). ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
On 10/5/10 6:13 PM, Thomas Chitwood wrote: Robert, This is a error that is preventing us from encrypting. The key has been trusted and signed. pub 2048R/F56DBCBE created: 2010-09-28 expires: never usage: SC trust: full validity: unknown sub 2048R/CEA16A49 created: 2010-09-28 expires: never usage: E [ unknown] (1). Patrick Ashbrook pashbr...@chcw.com Tom Chitwood MCP, MCSE, CNA Wellpoint Account Information Technology Services Americas Global Services, IBM 818.234.4118 Since it's listing the validity as unknown, gpg doesn't seem to think the key is signed by your key. (Maybe you didn't set your own key to ultimate trust?) As Robert said, unknown validity will usually Y/N prompt you for confirmation instead of completely failing. Are you encrypting from a batch file? From a gui front end? From the command line? And that's still not an actual error message. Could you try something like the following and post the acutal error? johnmudhead:~ grant$ echo foo bar.txt johnmudhead:~ grant$ gpg -r pashbr...@chcw.com --encrypt bar.txt gpg: pashbr...@chcw.com: skipped: No public key gpg: bar.txt: encryption failed: No public key -- Grant I am gravely disappointed. Again you have made me unleash my dogs of war. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Chitwood wrote: Robert, This is a error that is preventing us from encrypting. The key has been trusted and signed. pub 2048R/F56DBCBE created: 2010-09-28 expires: never usage: SC trust: full validity: unknown sub 2048R/CEA16A49 created: 2010-09-28 expires: never usage: E [ unknown] (1). Patrick Ashbrook pashbr...@chcw.com Can you provide the output of --list-sigs ? That doesn't look like it has been signed or perhaps you didn't issue save afterward? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJMq6qrAAoJEPXCUD/44PWqGvsQAMrRIyqk8yl42aHga1uMXZde bEhzA4oO8IEZZlRTQ0Lvz58DHpP+pIxvGhZERYqgo+jiv90Jntwj+Rz4LhZi/qUZ iap7POF+EcNEaw/JpNvZ1ubLt9CriRJYHyhhmL5nZ3UQwdIVcDBADrNdPHxnWZpE IQ/6WI1hTEibHx8QmbTnt5jSJy31O9IUPQaMa5tcjd99iJz2nT3cR3u6WaTgkbUW eQYOnJgONBKAi0D/rS0szz39wONI2QZ6krx56jjOOTZNuXQ2HuODQ1WRMuamVGbf sAANUgljz6HErbsgb16mru/fWTaNnD4UEttYqTlaMyrsHetrfGNewkyE5hIE1PgD TW/wA/HJrGVAu3aNWvFd1aiS5Uz9fxEWBYp0pd02A3/c7AJKN84EntkrMYfDM01v Bv/Nq6dTImHVHwvyjqErZYCHQbJ79s7qqGZl3sMEmVbOifLGvebQ6vkunO/+Oe1D QEKcBoNDtJn8PYCXC9ixkT3oD7gS8QzFVfIQOlJrqsxNO6x4ET7RGTvGg0bbaUPJ PTPGq+m9XrSopscY5efs8SwR6v7uu4okrhvEM+7FQ796qD3QYw8HVgHHlJ/P9Ewn b42krovPFDgZ0Ffx6DD96DeySFN/wpjy2lebVegdXFMetdh6UMZzT2BneKvByKr7 z4Zuq70fFAXxsg+viUKX =Zttz -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
Here you go. $ gpg --list-sigs F56DBCBE pub 2048R/F56DBCBE 2010-09-28 uid Patrick Ashbrook pashbr...@chcw.com sig N F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com sig 359B3EB2 2010-10-05 it.security@bcbs-ga.com (Key created for adp on 2/1/2005) it.security@bcbs-ga.com sub 2048R/CEA16A49 2010-09-28 sig F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com Tom Chitwood MCP, MCSE, CNA Wellpoint Account Information Technology Services Americas Global Services, IBM 818.234.4118 From: Larry Brower larry-li...@maxqe.com To: Thomas Chitwood/Los Angeles/i...@ibmus Cc: gnupg-users@gnupg.org Date: 10/05/2010 03:46 PM Subject: Re: Encrypt Error - There is no assurance this key belongs to the named user -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Chitwood wrote: Robert, This is a error that is preventing us from encrypting. The key has been trusted and signed. pub 2048R/F56DBCBE created: 2010-09-28 expires: never usage: SC trust: full validity: unknown sub 2048R/CEA16A49 created: 2010-09-28 expires: never usage: E [ unknown] (1). Patrick Ashbrook pashbr...@chcw.com Can you provide the output of --list-sigs ? That doesn't look like it has been signed or perhaps you didn't issue save afterward? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJMq6qrAAoJEPXCUD/44PWqGvsQAMrRIyqk8yl42aHga1uMXZde bEhzA4oO8IEZZlRTQ0Lvz58DHpP+pIxvGhZERYqgo+jiv90Jntwj+Rz4LhZi/qUZ iap7POF+EcNEaw/JpNvZ1ubLt9CriRJYHyhhmL5nZ3UQwdIVcDBADrNdPHxnWZpE IQ/6WI1hTEibHx8QmbTnt5jSJy31O9IUPQaMa5tcjd99iJz2nT3cR3u6WaTgkbUW eQYOnJgONBKAi0D/rS0szz39wONI2QZ6krx56jjOOTZNuXQ2HuODQ1WRMuamVGbf sAANUgljz6HErbsgb16mru/fWTaNnD4UEttYqTlaMyrsHetrfGNewkyE5hIE1PgD TW/wA/HJrGVAu3aNWvFd1aiS5Uz9fxEWBYp0pd02A3/c7AJKN84EntkrMYfDM01v Bv/Nq6dTImHVHwvyjqErZYCHQbJ79s7qqGZl3sMEmVbOifLGvebQ6vkunO/+Oe1D QEKcBoNDtJn8PYCXC9ixkT3oD7gS8QzFVfIQOlJrqsxNO6x4ET7RGTvGg0bbaUPJ PTPGq+m9XrSopscY5efs8SwR6v7uu4okrhvEM+7FQ796qD3QYw8HVgHHlJ/P9Ewn b42krovPFDgZ0Ffx6DD96DeySFN/wpjy2lebVegdXFMetdh6UMZzT2BneKvByKr7 z4Zuq70fFAXxsg+viUKX =Zttz -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Chitwood wrote: Here you go. $ gpg --list-sigs F56DBCBE pub 2048R/F56DBCBE 2010-09-28 uid Patrick Ashbrook pashbr...@chcw.com sig N F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com sig 359B3EB2 2010-10-05 it.security@bcbs-ga.com (Key created for adp on 2/1/2005) it.security@bcbs-ga.com sub 2048R/CEA16A49 2010-09-28 sig F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com Is the key you signed this with the 0x359B3EB2 one? If so, is this one marked as trusted in your keyring? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJMq8PeAAoJEPXCUD/44PWqviUQAKBzwb/B7MHJqqDuNKpvNjN8 /r0f0O/46SB0lvl59bHcN6pLWMHCNgCp1tNNoQrwNmgltZ9vC58KMSUe5iQl6AeC h9t0Fi62lmNifaqogz9cVX2To1m9d1cy7fC9KKK9NH4wl3hbgBgq+Cq1r1xptUk7 NcfoxSJdEV4ia/vFg8Fb8Igxh30jSteaxzPe6H/Ti0moY/V1S/x30Fyhu8rOOi4j tQ3U4Ai9tqjJx5jCzN6HMitodTNOgF/HVLdMH0QKrVgY+Cvo6nuqNlCDgPvc/JSF fw6OjGzjCJxLMhwkktClsTh/EA4ASzf/kcKjxxkYs+YF6hpHR/h6gJA/YMRn2OYQ 3+XOG5n/qxd9AQM3/P4kiFq8pJpQm7b9a6499diqpe0U5xXJ+7dBSeaRBOcbIyGb 79DZowkIXw5HRpKo5roovfVmzEzHKKFU2rjLGCEJRJYDe5NS0Twu3WdQbhoasVXa S2SCeDK74pnF8ybHJiXTiIP2ma9V1yFBrc1tI5YYNx5TW8oPX0oW/UhUXRnT4Z7n KrLsnKrmFkri7xDYill6GFOBMmaibjRNAqim26EY0fGkgrE42yVg0InuFiNAJ2cr io2m9tQD0YY004OX5xwWRo4V++X+HgZfztXyI2vO4QygbvedcQOvWimcBRZYxYpg JwW3N3uvwjs+tBuqL/Zj =fqLi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
Yes, that is our key. Tom Chitwood MCP, MCSE, CNA Wellpoint Account Information Technology Services Americas Global Services, IBM 818.234.4118 From: Larry Brower larry-li...@maxqe.com To: Thomas Chitwood/Los Angeles/i...@ibmus Cc: gnupg-users@gnupg.org Date: 10/05/2010 05:33 PM Subject: Re: Encrypt Error - There is no assurance this key belongs to the named user -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Chitwood wrote: Here you go. $ gpg --list-sigs F56DBCBE pub 2048R/F56DBCBE 2010-09-28 uid Patrick Ashbrook pashbr...@chcw.com sig N F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com sig 359B3EB2 2010-10-05 it.security@bcbs-ga.com (Key created for adp on 2/1/2005) it.security@bcbs-ga.com sub 2048R/CEA16A49 2010-09-28 sig F56DBCBE 2010-09-28 Patrick Ashbrook pashbr...@chcw.com Is the key you signed this with the 0x359B3EB2 one? If so, is this one marked as trusted in your keyring? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJMq8PeAAoJEPXCUD/44PWqviUQAKBzwb/B7MHJqqDuNKpvNjN8 /r0f0O/46SB0lvl59bHcN6pLWMHCNgCp1tNNoQrwNmgltZ9vC58KMSUe5iQl6AeC h9t0Fi62lmNifaqogz9cVX2To1m9d1cy7fC9KKK9NH4wl3hbgBgq+Cq1r1xptUk7 NcfoxSJdEV4ia/vFg8Fb8Igxh30jSteaxzPe6H/Ti0moY/V1S/x30Fyhu8rOOi4j tQ3U4Ai9tqjJx5jCzN6HMitodTNOgF/HVLdMH0QKrVgY+Cvo6nuqNlCDgPvc/JSF fw6OjGzjCJxLMhwkktClsTh/EA4ASzf/kcKjxxkYs+YF6hpHR/h6gJA/YMRn2OYQ 3+XOG5n/qxd9AQM3/P4kiFq8pJpQm7b9a6499diqpe0U5xXJ+7dBSeaRBOcbIyGb 79DZowkIXw5HRpKo5roovfVmzEzHKKFU2rjLGCEJRJYDe5NS0Twu3WdQbhoasVXa S2SCeDK74pnF8ybHJiXTiIP2ma9V1yFBrc1tI5YYNx5TW8oPX0oW/UhUXRnT4Z7n KrLsnKrmFkri7xDYill6GFOBMmaibjRNAqim26EY0fGkgrE42yVg0InuFiNAJ2cr io2m9tQD0YY004OX5xwWRo4V++X+HgZfztXyI2vO4QygbvedcQOvWimcBRZYxYpg JwW3N3uvwjs+tBuqL/Zj =fqLi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypt Error - There is no assurance this key belongs to the named user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thomas Chitwood wrote: Yes, that is our key. Have you verified it is trusted on the system you are trying to use it on? Perhaps the key isn't trusted. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIbBAEBAgAGBQJMq9eiAAoJEPXCUD/44PWqevsP+JdrIt71gjQg1TVXB2cxie45 oeIe7pEX5/kL7welfwbPwAPjRBCERHYfJTeh13qXvxMEtJ/ilqMJtJFipiIM+0DH 6RbmvNVDViFfsqTnSbrHpDKnPbXzYhbr5k67jU2uUP34saUA7oZJgT1A3FVe67Pr iD93pjzxyeXM8t0WMTY01duQWVOBsfdsCjQCrKx3ouZLq10S/peYwhRv9hRCQDUA TLfXDnLgbumRu1c5+3yyInztUGAznWqLcKoqc+2K6CEwTkPYB2OwRw2ZVyc1zfjm xR4Zlec/9BYagq4w6zN1g7LocQ3OwiiUnRCafl6ZU9gZU2oeS6ULL003reFfcSER SNKMUxgUzH6YNBQmh7d8qhUTktPC8XSiQZRun8iil7PoeWfhcBC0/tdCw7/9OnkL m0bAA1jFeQcEHEjWlQMZvFKhfsn/OMUju52X3m3SrhxUx0HQt/uYTMttpxyJwvnN GH2o3+klajfAfZUfzlUYk342hPYyK3O7jI5j04S1jJSTar8kLB02vqj4basD3+Uv mTlvK2TWOUZBW1kqefUx6GNnIPHUwl0dMrOoe/JtE6JRBbTFVYdCNEyOPjUeFQeS kR76YmQTmOufKAOa0sMYiPoDhJhwpjwQfm+3+/kaqFwlYZtijXrMP2fxtFrPgRqI i1TY+s6p9zTMmiTpflw= =SEBx -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
