On Sat, 1 Jun 2019 14:49, [email protected] said: > Well but if I import the key, then I don't need to add it to the > trustedlist file
The trustlist.txt list those certificates which are valid as root certificates. Importing a certificate does not add it to this list for obvious reasons: All kind of certificates are imported all the time without the user noticing (e.g. those sent as part of an S/MIME mail). Root certificates are the trust anchor and thus we need the user's consent to use them in such a way. By default gpgsm asks you whether a certificate, which technically can act as root certificate, shall be granted the trusted status (i.e. used as a root certificate by being added to trustlist.txt). You can change this default by adding "no-allow-mark-trusted" to gpg-agent.conf. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
