On 3/4/2010 8:18 AM, erythrocyte wrote: > > And then: > > gpg --check-trustdb > > And here's the output of the last command: > > gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model > gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u > gpg: next trustdb check due at 2011-03-03 > > It mentions that the --marginals-needed option is set to 3. And > --completes-needed option is set to 1. Which I think I'm okay with. > But the depth mentioned is 0! > > Why hasn't it changed? And how do I verify my current --max-cert-depth value? >
If you haven't signed any keys, then there's nowhere to go. The certificate depth starts with keys you've signed. Then it looks at the keys those keys have signed. Etc. Etc. Since you haven't signed any keys, the chain of trust doesn't have anywhere to begin. So it's showing that the only key you trust is your own, that's the 1u, and that's at the zeroth level of certificate depth. If you want to test, sign a few keys with the local non-exportable option and you'll see depth: 1 and possibly more. Or maybe locally sign something like the PGP Global Directory key, or configure the gswot keys.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
