2 You can see your trust database parameters like this:
4 gpg --with-colons --list-key bogusgarbagehere 2>/dev/null | head -n1
6 for me, it looks like this:
8 tru::1:1220401097:1220465006:3:1:5
10 These colon-delimited records say (in order):
12 * `tru`: this is a trust database record
13 * `<empty>`: the trust database is not stale (might be 'o' for old, or 't' for "built with different trust model and not yet updated")
14 * `1`: uses new "PGP" trust model: this is just the old trust model plus trust signatures. I'll go into trust signatures later.
15 * `1220401097`: seconds since the epoch that i created the trust db.
16 * `1220465006`: seconds after the epoch that the trustdb will need to be rechecked (usually due to the closest pending expiration, etc)
17 * `3`: Either 3 certifications from keys with marginal ownertrust are needed for full User ID+Key validity
18 * `1`: Or 1 certification from a key with full ownertrust is needed for full User ID+Key validity
19 * `5`: max_cert_depth (not sure exactly how this is used)