Effects of --default-cert-level
Werner Koch
wk at gnupg.org
Mon Oct 13 10:02:33 CEST 2025
Hi!
On Fri, 10 Oct 2025 23:51, Daniel Cerqueira said:
> I am studying GnuPG, and I would like to know what are the effects of
> using '--default-cert-level', besides it adding a number information in
> the output of '--check-sigs' ? Are there some (other) effects?
Key signatures have different classes: 0x10 to 0x13 which correspond
with the cert levels. If you create a self-signature (e.g. new
user-id) level 3 is used. In all other cases level 0 is used by
default or whatever youset with --default-cert-level.
When evaluating the validity of a key (building the trustdb) by default
only key signatures of level 0, 2, and 3 are considered. This can be
changed with --min-cert-level.
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 284 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251013/dfc6dd19/attachment.sig>
More information about the Gnupg-users
mailing list