GnuPG distribution key with no trust
    mailinglisten at posteo.de 
    mailinglisten at posteo.de
       
    Mon May 31 23:08:39 CEST 2021
    
    
  
Hello,
is there a reason why the new software distribution key for GnuPG (
0x528897B826403ADA ) comes with no chain of trust at all? It does not
have any signature from any preceding key.
Past distribution keys like 0x53B620D01CE0C630 had signatures from other
keys you might have trusted like e.g. 0x5DE249965B0358A2
This makes it virtually impossible to build any trust in this new
distribution key.
Not signing such an important key with its predecessor is a severe
neglect of trust IMHO.
Thanks
    
    
More information about the Gnupg-users
mailing list