gpg: Signature made Wed Sep 15 12:08:31 1999 EDT using DSA key ID 2FA3BC2D gpg: Good signature from "Wichert Akkerman <[EMAIL PROTECTED]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. gpg: Fingerprint: 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D
I get this with every signature verification. It didn't mention anything about trusted signatures, etc., in the keysigning-howto. Is it just an annoyance or can I set up something with my trustdb in gpg which will stop this? (Is there one person who signs all Debian developer keys?) Also, I think I read something about dpkg-buildpackage automatically choosing gpg when you haven't got a .pgp/secring.pgp - I haven't got one, but it still chooses PGP anyways. What's up? (My pgp keyrings are in the ~/.gnupg directory)
