From owner-freebsd-security Fri Mar 21 2:42:57 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3533437B401 for ; Fri, 21 Mar 2003 02:42:55 -0800 (PST) Received: from pcwin002.win.tue.nl (pcwin002.win.tue.nl [131.155.71.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id 00E8943F85 for ; Fri, 21 Mar 2003 02:42:53 -0800 (PST) (envelope-from stijn@pcwin002.win.tue.nl) Received: from pcwin002.win.tue.nl (orb_rules@localhost [127.0.0.1]) by pcwin002.win.tue.nl (8.12.8/8.12.8) with ESMTP id h2LAgmSZ055974; Fri, 21 Mar 2003 11:42:48 +0100 (CET) (envelope-from stijn@pcwin002.win.tue.nl) Received: (from stijn@localhost) by pcwin002.win.tue.nl (8.12.8/8.12.8/Submit) id h2LAgkn6055973; Fri, 21 Mar 2003 11:42:46 +0100 (CET) Date: Fri, 21 Mar 2003 11:42:46 +0100 From: Stijn Hoop To: budsz Cc: FreeBSD-Security Subject: Re: About *.asc Message-ID: <20030321104246.GG54854@pcwin002.win.tue.nl> References: <20030321081451.GA13163@kumprang.or.id> <20030321082038.GC54854@pcwin002.win.tue.nl> <20030321093158.GA13920@kumprang.or.id> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nHwqXXcoX0o6fKCv" Content-Disposition: inline In-Reply-To: <20030321093158.GA13920@kumprang.or.id> User-Agent: Mutt/1.4i X-Bright-Idea: Let's abolish HTML mail! Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --nHwqXXcoX0o6fKCv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 21, 2003 at 04:31:58PM +0700, budsz wrote: > I was import gpgkey in http://www.freebsd.org/doc/pgpkeyring.txt, then I > try to: > $ gpg --edit-key security-officer@FreeBSD.org [snip logs] > Command> save > Key not changed so no update needed. >=20 > This's some problem? No, because the trust database is separate from the key database. The key has not changed, so the message is correct. > But if I try again: >=20 > $ gpg --verify xdr-4.patch.asc > gpg: Signature made Thu Mar 20 08:09:54 2003 WIT using DSA key ID CA6CDFB2 > gpg: Good signature from "FreeBSD Security Officer " > gpg: checking the trustdb > gpg: checking at depth 0 signed=3D0 ot(-/q/n/m/f/u)=3D0/0/0/0/0/1 > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the ow= ner. > Primary key fingerprint: C374 0FC5 69A6 FBB1 4AED B131 15D6 8804 CA6C DF= B2 >=20 > WARNING message still appeare. how to resolv this? Hmm, that is strange. I thought I did this (with an other key) before, but it seems that you're right. If I set it to 5, 'ultimate trust' the warning disappears. I think I need to read up on the trust relations and GnuPG. For now, if you understand why the message appears you can always ignore it. HTH, --Stijn --=20 I have great faith in fools -- self confidence my friends call it. -- Edgar Allan Poe --nHwqXXcoX0o6fKCv Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+euymY3r/tLQmfWcRAl84AJ9zAfQdK/uQXd2KPnGK5hp0omGeowCePZpp JIuUkz4Nm4vSKWkCUp+If6g= =gelI -----END PGP SIGNATURE----- --nHwqXXcoX0o6fKCv-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message