[pkg-gnupg-maint] Bug#977909: Bug#977909: gnupg: `--trust-model always` doesn't trust keys
Ansgar
ansgar at debian.org
Tue Dec 22 21:41:06 GMT 2020
On Tue, 2020-12-22 at 19:53 +0100, Werner Koch wrote:
> > The output then contains:
> >
> > > gpg: WARNING: Using untrusted key!
>
> Look here:
>
> if (opt.trust_model == TM_ALWAYS)
> {
> if (!opt.quiet)
> log_info(_("WARNING: Using untrusted key!\n"));
>
> It is just a warning - use --quiet to silence this warning.
The warning is incorrect as GnuPG was told that the key is trusted.
If you feel there should be a warning please make it something like
"WARNING: GnuPG recommends not using --trust-policy=always" or
"WARNING: Key only trusted due to --trust-policy=always" or something
like this.
> > If I try to use python3-gpg to verify the signature, the signatures
>
> I am not sure what python3-gpg is.
The official Python bindings for GPGME.
Ansgar
More information about the pkg-gnupg-maint
mailing list