ownertrust level of imported secret keys
Hauke Laging
mailinglisten at hauke-laging.de
Fri Nov 9 19:33:10 CET 2012
Hello,
I noticed a behaviour which could be improved. If a key is generated then its
ownertrust is set to ultimate. But if a secret key is imported the ownertrust
keeps unchanged.
I guess that the idea behind this may be that you can be sure that noone else
can create a signature by a key you have generated but that the import of a
secret key can mean that someone else has shared his secret key with you which
does not make signatures of that key more trustworthy.
As I think that people should be advised to use offline mainkeys so they
should not be bothered with unnecessary problems arising from that. Thus I
suggest to output a warning / hint if a secret key is imported. Something
like:
"You have imported a secret key. It may be useful (probably if you are the
only owner of this secret key) to set the trust level of this key to ultimate
(see --edit key trust)."
Or even ask and do it.
Hauke
--
☺
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20121109/ef10b343/attachment.pgp>
More information about the Gnupg-users
mailing list