> Now I want to import someone else's key to verify a signature. In order > to verify that signature, I need to at least locally sign the owner's > key, AFAIK. However, I would need my offline master key (read: really > inconvenient) to issue a signature.
I'm no expert, but as far as I know you don't need to locally sign a key to verify a signature. My understanding is that setting the local trust should be sufficient to make GnuPG happy. See https://www.gnupg.org/gph/en/manual/x334.html (Someone please correct me if I'm wrong...) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users