> > The warning is evident: Andrew's key is not signed. Questions about this > have been asked before, and the reason is probably that most of the > Qubes team are using split-gpg (www.qubes-os.org/doc/split-gpg) with > subkeys. If you review that page then you will see that one of the > downsides of using subkeys is that it's not possible to sign other > people's keys. > > This doesnt mean that you cant trust Andrew's key - there are many > things you can do to check that it is the right key and belongs to him. > What you cant do is hand off that process of establishing trust to some > one else (and that is what the web of trust does). > > Hope that's somewhat clear > > unman
Perfectly clear. I had noticed the subkey, but hadn't connected the dots. Thank you for taking the time to answer. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b67c796b-1290-4eba-bcf7-d85e4a659105%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
