mutt/gpg reports untrustworthy? & gpg sig script Re: AFTER THE PARTY [was Re: ANNOUNCEMENT: Bay Area Debian Get-Together and Key-signing Party]
Tony Godshall
togo@of.net
Tue, 10 Jul 2001 19:10:47 -0700
Ok, this is wierd.
I personally signed M. Drew's key, and my gpg --list-keys
confirms it, but when I read a message from him in mutt I get this:
[-- PGP output follows (current time: Tue Jul 10 19:01:34 2001) --]
gpg: Signature made Tue Jul 10 14:49:56 2001 PDT using DSA key ID 66FBC18C
gpg: Good signature from "M. Drew Streib <dtype@dtype.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
gpg: Fingerprint: 4FA5 B256 ACD7 A628 401B 0B39 8368 BB59 66FB C18C
[-- End of PGP output --]
I interpret this to mean that it successfully contacted a
keyserver (causing a mere fractional-second delay in reading
the message, this time) but that it doesn't think the key
should be trusted. But I know it's in my keyring and signed
by myself.
[M. Drew]
...
> > If you want to pull new sigs from all the keys in your ring, try the
> > following perl.
> >
> > #!/usr/bin/perl
...
[Seth]
> gpg --list-keys | grep ^pub | cut -c12-20 | xargs gpg --keyserver pgp.dtype.org --recv-keys
[M. Drew]
> gpg --update-trustdb
Cool. I packaged mine up so:
#!/bin/bash
if [ -z "$*" ]
then
keyservers="pgp.dtype.org keyring.debian.org"
else
keyservers="$*"
fi
for keyserver in $keyservers
do
gpg --list-keys \
| grep ^pub \
| cut -c12-20 \
| xargs gpg --keyserver $keyserver --recv-keys
done
gpg --update-trustd
###