On 18-10-02 01:21:03, Clark Dunson wrote: >gpg: WARNING: This key is not certified with a trusted signature! > >gpg: There is no indication that the signature belongs to the owner. > >Primary key fingerprint: E966 46BE 08C0 AF0A A0F9 0788 A5FE EE3A C793 7444 > > Subkey fingerprint: 6EB6 0B63 7CE5 ACBF 2449 A2DA DB27 E997 429A F20C > >Is there a concern here? This is just a warning that you have not personally signed the key, ie verified that you know this person. gpg just knows that key X was used to sign the package, it doesn't know if the key truly belongs to the owner - that's on you to find out. If you are 100% sure (usually after meeting the owner) you can sign the key to avoid the warning.