no-ask-cert-level, default-cert-level, and keysigning
Bob Proulx
bob at proulx.com
Mon Nov 28 02:04:56 CET 2005
I recently signed a key using gpg-1.4.1 and see that (at least on my
Debian Sarge system) no-ask-cert-level apears to be the default
default-cert-level is "0 (no particular claim)".
In the old days I remember it would always ask this question upon
signing and so assume the default must have been ask-cert-level. Now
it does not ask and unless you add that option ahead of time it will
create a signature without any claim. I have been out of touch and
thought I would ask about the current status of these levels in a
signed key. I would appreciate the education.
If a key has been signed with a default-cert-level of 0 is it possible
to go back and edit the key signature and increase the level on a key?
I could not find a way to do this. The best I could find was to
delete the key plus signature and sign it again using a different
level. Of course that worked.
Is this cert level no longer considered useful? Should I not include
a cert level with keys I sign now? Or should we always add that
option when signing a key? What is the standard proceedure?
Thanks
Bob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20051127/5d24faf1/attachment.pgp
More information about the Gnupg-users
mailing list