How to change trust model

Per Tunedal Casual pt at radvis.nu
Wed May 11 00:16:03 CEST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 23:58 2005-05-10, David Shaw wrote:
 >On Tue, May 10, 2005 at 11:52:19PM +0200, Per Tunedal Casual wrote:
 >
 >> gpg --trust-model PGP --check-trustdb
 >
 >This is the "new" PGP trust model from PGP 5 and later.
 >
 >> gpg --trust-model classic --check-trustdb
 >
 >This is the standard old trust model from PGP 2.x and GnuPG 1.2.x.
 >
 >For most people, they will not see a difference between these two.
 >Only if you are issuing trust signatures (tsign) will a difference
 >show up.
 >
 >> gpg --trust-model direct --check-trustdb
 >
 >This is a no-trust model, where you set each key trust individually,
 >and there are no calulations necessary.
 >
 >> I don't see the difference between them. I am interested in the
 >> implications for the validity of keys. How can I make the best use
 >> of
 >> a signature from a CA?
 >
 >I can't answer that question in those terms.  I don't know what you
 >want to do, who the CA is, how the CA signs...
 >
 >David
Hi,
 >Only if you are issuing trust signatures (tsign) will a difference
 >show up.

There you told something interesting. I haven't heard of that command
before.

Scenario:
A new user has to quickly download keys to his contacts. The keys are
signed by a mutually trusted CA.
How can he get valid keys to use trusting the CA, rather than having
to check  and sign each of them?

Per Tunedal



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html

iD8DBQFCgTKfpPsTvNtsBX8RAlvQAJ4xhZ95ulvGtQGQoESlPzEEHo7BbwCcCB9N
UDlRBxDshskz4Shd6lQHgek=
=9WUZ
-----END PGP SIGNATURE-----





More information about the Gnupg-users mailing list