ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <bode...@apache.org>
Subject Re: I signed jakarta-ant-src.zip on archives.apache.org
Date Mon, 18 Aug 2003 13:52:26 GMT
On Mon, 18 Aug 2003, Antoine Levy-Lambert <antoine@antbuild.com>
wrote:

> I do not know why I am getting the warning saying that the key is
> not certified with a trusted signature.

It says that the signature is a valid signature done by my key.  This
is the most important result.

The "not certified" part means that you haven't told GnuPG to trust
that key (which is fine, you cannot be sure that it really is mine)
and that it isn't signed by anybody you trust (any signature you've
told GnuPG you'd trust).

> something special to say that "Stefan Bodewig is trusted" ?

Yes, edit your keyring via whatever means you chose to do so (command
line or GUI client).

Don't blindly trust keys you haven't verified in any way.  And in
particular, don't sign any key you are not 120% sure is authentic.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org


Mime
View raw message