2017-02-17 14:42 GMT+01:00 Ricardo Wurmus <rekado@elephly.net>:

>
> Yes, this sounds scary but it is expected.





> With GPG you can assign a
> level of trust to keys.  If there’s a signature on my key from a key
> that you have marked as trusted (e.g. Ludo’s signature, and you mark
> Ludo’s key as trustworthy), then the warning would change or disappear.
> The warning just indicates that there is no “trust path” to my key.
>
> If this were a forged signature you would see a scarier validation
> error, not just a warning.
>


Ok, thanks for clarifying 🙏