The comments are a necessary feature these days, actually.

It is slightly warped: it says "untrusted comment" because it's outside
of the signed area and shouldn't be taken at face value, BUT if you have
the right public key, AND manage to validate the signature with it, then
it means that it *was* the right key, so in retrospect, you are assured that
it was the right key.

So it says exactly what it means "hey, try that key, you can't be sure it's
the right one, but in retrospect, if it works then you can be sure it WAS
the right key".

Of course, it doesn't say so in so many words.  But it is a very accurate

So it should stay, 100% of the time.

Reply via email to