On 18-10-02 01:21:03, Clark Dunson wrote:
gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: E966 46BE 08C0 AF0A A0F9 0788 A5FE EE3A C793 7444 Subkey fingerprint: 6EB6 0B63 7CE5 ACBF 2449 A2DA DB27 E997 429A F20C Is there a concern here?
This is just a warning that you have not personally signed the key, ie verified that you know this person.
gpg just knows that key X was used to sign the package, it doesn't know if the key truly belongs to the owner - that's on you to find out. If you are 100% sure (usually after meeting the owner) you can sign the key to avoid the warning.
Attachment:
signature.asc
Description: PGP signature