2

An issue based on this post.

If you want to trust a public key, two commands can achieve the target:

gpg --edit-key someone's_public_key gpg --sign-key someone's_public_key

The obvious point that i can find is you have 6 choice to choose in --edit-key:

gpg> sign 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu

Is gpg --sign-key someone's_public_key = gpg --edit-key someone's_public_key (option 5)?
What is the other main points between them?

Improve this question
1
  • Please note that the following may be nonsense because I am not a GPG expert and because I can't test it at the moment. Having said this: I vaguely remember that --edit-key provides a sub-command check which lets you check the signatures (hopefully including trust levels). Perhaps you can figure it out that way: Use --sign-key to sign, then use --edit-key with check to find out what has happened (notably, which trust level has been set). If this works, I'll add it as an answer. If it's nonsense, I'll just delete that comment. Commented Apr 21, 2022 at 15:30

1 Answer 1

Reset to default
1
+50

My man gpg says:

 --sign-key name Signs a public key with your secret key. This is a shortcut version of the subcommand "sign" from --edit.

As there is no option --edit, but there are --edit-key and --edit-card, I'd assume they meant --edit-key, and it is indeed the same (modulo defaults for choices).

Improve this answer
2
  • But there are 6 kinds of status for --edit-key,no such status for --sign-key.They can't be equal. Commented Apr 22, 2022 at 14:09
  • They are not "equal", one is a shortcut. Commented Apr 22, 2022 at 18:25

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.