mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-25 07:19:33 -05:00
Add another possible reason for "WARNING: This key is not certified...
...with a trusted signature! There is no indication that the signature belongs to the owner." With this edit, I'm aiming to assist the beginner reader who walked the following breadcrumbs: Should I trust this website? ==> verify the PGP signatures on the commits and/or tags Detailed steps suggested by the docs along these breadcrumbs: 1) `git clone git@github.com:QubesOS/qubesos.github.io.git` 2) Verify the PGP sigs on the commits and/or tags a) get properly validated GPG keys (available in the Qubes Security Pack) i. `git clone https://github.com/QubesOS/qubes-secpack.git` ii. `gpg --import qubes-secpack/keys/*/*` iii. Verify/trust the QMSK (details given on the page) b) `cd qubesos.github.io` c) `git verify-commit 45ca80e8` (one of Andrew's recent commits) RESULT: The WARNING pops up, because the user has not yet ultimately PGP trusted Andrew's E11D 15C6 D204 3576 9FFA A456 8CE1 3735 2A01 9A17 key.
This commit is contained in:
parent
649babd88c
commit
b59cbe5420
@ -595,10 +595,13 @@ first.](#3-verify-your-qubes-iso))
|
||||
### Why am I getting "WARNING: This key is not certified with a trusted
|
||||
signature! There is no indication that the signature belongs to the owner."?
|
||||
|
||||
Either you don't have the [Qubes Master Signing
|
||||
Key](#1-get-the-qubes-master-signing-key-and-verify-its-authenticity), or you
|
||||
didn't [set its trust level
|
||||
correctly](#1-get-the-qubes-master-signing-key-and-verify-its-authenticity).
|
||||
Several possibilities:
|
||||
* you don't have the [Qubes Master Signing
|
||||
Key](#1-get-the-qubes-master-signing-key-and-verify-its-authenticity)
|
||||
* you didn't [set its trust level
|
||||
correctly](#1-get-the-qubes-master-signing-key-and-verify-its-authenticity)
|
||||
* in the case of verifying a Git commit or tag, you haven't yet chosen to
|
||||
place ultimate PGP trust in the individual signer's key
|
||||
|
||||
### Why am I getting "X signature not checked due to a missing key"?
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user