tag:gpgtools.tenderapp.com,2011-11-04:/discussions/feedback/16041-verify-signatureGPGTools: Discussion 2020-07-27T14:58:04Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/484572092020-07-11T05:29:56Z2020-07-11T05:29:57ZVerify Signature???<div><p>So...</p>
<p>If the "ownertrust" is set to "unknown," or set to anything OTHER than "Ultimate," when you check the signature GPG Keychain returns "The signature is not to be trusted."</p>
<p>If, however, you change the trust to "Ultimate," it returns a seemingly "favorable" response, saying that the signature is trusted.</p>
<p>All this time I assumed I was doing something wrong while trying to verifying a signature, but I was not. Your app returns a message that is highly confusing to and unclear! While the ownertrust is marked anything but "ultimate," BUT the signature DOES in fact match, it still says "signature should not be trusted." But it now seems to me that "signature should not be trusted" only refers to the "trust level" that I've set for that contact and NOT for the "correctness" of the signature itself. Jeez Louise!!!!!!</p></div>Michaeltag:gpgtools.tenderapp.com,2011-11-04:Comment/484572092020-07-13T18:13:28Z2020-07-13T18:13:28ZVerify Signature???<div><p>Hi Michael,</p>
<p>welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.</p>
<p>This <a href="https://gpgtools.tenderapp.com/kb/how-to/trusting-keys-and-why-this-signature-is-not-to-be-trusted">KB-article</a> explains how to verify and sign a key and also elaborates on why a signature is untrusted and that that is not necessarily a problem (depending on your use-case and required trust).</p>
<p>All the best,<br>
Steve</p></div>Steve