I'm having an issue with some of my clients being unable to open email attachments when I sign the messages. The error they get is something like (free translation):
Error: cannot open. The digital signature could not be validated.
Checking the sent message with gpg produces the following:
gpg: Good signature from "John Doe <john@doe.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
I would like to keep signing and eventually encrypt all communications leaving my office, but I need to solve the attachment issue.
- How would I go about solving this? Is it a matter of the receiving end marking my signature as trusted? Is there a way to do this that doesn't involve an action from the receiver (key server?)?