[email protected] wrote:
> First. Does the trust warning screw up FireGPG's signature validity or
> am I missing something else? Second, is this the normal reaction from
> GnuPG v1.4.9?

Can't answer re: FireGPG.  However, this is _a_ normal reaction, but not
_the_ normal reaction.

If you got a signature that purported to be from [email protected],
and it was signed with a key that purported to be from
[email protected], would you actually believe it was from President
Obama?  Or would you say, "wait a minute, /anyone/ can pretend to be
/anyone/ on the internet, I need some confirmation before I'll actually
believe the President is sending me an email"?

That's what GnuPG is warning you about.  There is no evidence the key
really belongs to the person it claims to whom it claims to belong.
Maybe it does, maybe it doesn't, there's no evidence either way.


_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to