i have mutt set up with gpg. when verifying a message, gpg gives the following output:
[-- PGP output follows (current time: Wed Jun 5 13:45:19 2002) --] gpg: Signature made Wed Jun 5 13:24:25 2002 MDT using DSA key ID D654075A gpg: Good signature from "Todd <[EMAIL PROTECTED]>" gpg: aka "Todd <free??[EMAIL PROTECTED]>" gpg: aka " <free??[EMAIL PROTECTED]>" gpg: aka "Todd <[EMAIL PROTECTED]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. gpg: Fingerprint: 0A55 D9D6 055E E2B9 99E9 7817 BAFF B4F4 D654 075A [-- End of PGP output --] however, mutt then says "PGP signature could NOT be verified." is that because of the warning that the key in not certified with a trusted signature or is there some problem? it seems to me from the gpg output that the signature was verified to have been signed with the public key but that the key wasn't certified by a trust path. now, i'm not picky about what one says versus the other or about what one or the other thinks is verified v. certified, i'm just curious as to what the story is. anyone? thanks, -- Peter Abplanalp Email: [EMAIL PROTECTED] PGP: pgp.mit.edu
msg28628/pgp00000.pgp
Description: PGP signature
