[cs615asa] Public KeyID B80E83A5
Jan Schaumann
jschauma at cs.stevens.edu
Sat May 1 14:04:34 EDT 2010
"Pu (Piper) Zhao" <pzhao at stevens.edu> wrote:
> But when I verify the file hw6.txt.md5.asc, I got this information:
>
> gpg: Good signature from "Jan Schaumann <jschauma at cs.stevens.edu>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the
> owner.
I know it's too late for the homework submission, but just to answer the
question: this is a warning indicating, as it says, that you cannot
know whether or not the signature was made by the person you think it
was made by. All you know is that the signature matches. That is, you
have accuracy, but not authenticity. You'd gain assurance of
authenticity when you have established a trustpath between your key and
the key with which the signature was made (see 'web of trust' and
'keysigning').
-Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.stevens.edu/cgi-bin/mailman/private/cs615asa/attachments/20100501/d12c0079/attachment.pgp
More information about the cs615asa
mailing list