Yet another problem with 1.0.6b.
Janusz A. Urbanowicz
alex at bofh.torun.pl
Thu Nov 15 02:30:01 CET 2001
I noticed this while verifying a detached signature against a file - it does
not check the trust database and does not warn about a key not being
trusted:
:alex at sword:[~]:207:> gpg --edit-key Kroeger
gpg (GnuPG) 1.0.6b; Copyright (C) 2001 Free Software Foundation, Inc.
[]
pub 2048R/2842FE69 created: 1996-02-15 expires: never trust: -/-
and I have a detached signature made with this key against a file:
:alex at sword:[~]:208:> gpg freedom-2.4.tar.gz.asc
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: Signature made Tue Jun 9 19:32:20 1998 CEST using RSA key ID 2842FE69
gpg: Good signature from "Johannes Kroeger <postmaster at squirrel.owl.de>"
gpg: aka "Johannes Kroeger <hanne at squirrel.owl.de>"
gpg: aka "Johannes Kroeger <jkroeger at squirrel.owl.de>"
There is no waring of the key being untrusted, nor the key fingerprint is
displayed.
Alex
--
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary
Gdy daję biednym chleb, nazywają mnie świętym. Gdy pytam,
dlaczego biedni nie mają chleba, nazywają mnie komunistą. - abp. Helder Camara
More information about the Gnupg-devel
mailing list