Changing & verifying the --max-cert-depth in Windows
David Shaw
dshaw at jabberwocky.com
Thu Mar 4 19:12:31 CET 2010
On Mar 4, 2010, at 8:18 AM, erythrocyte wrote:
> Hi,
>
> I have installed the CLI version of GPG.
>
> I understand that GPG options have to be set in a configuration file.
> The configuration file can be created if it doesn't exist as per a
> previous thread here
>
> http://lists.gnupg.org/pipermail/gnupg-users/2008-December/035146.html
>
> I added the following line in my gpg.conf :
>
> max-cert-depth 3
>
> And then ran:
>
> gpg --update-trustdb
>
> And then:
>
> gpg --check-trustdb
>
> And here's the output of the last command:
>
> gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
> gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
> gpg: next trustdb check due at 2011-03-03
>
> It mentions that the --marginals-needed option is set to 3. And
> --completes-needed option is set to 1. Which I think I'm okay with.
> But the depth mentioned is 0!
I suspect you don't have any ultimately trusted keys to build your trustdb from. Run gpg --edit-key on your own key and set the trust to ultimate. Then try the --update-trustdb again. GPG will then follow the paths from your key, to keys you have signed, to keys they have signed, etc.
David
More information about the Gnupg-users
mailing list