Need help with gpg basic questions

view story

http://www.linuxquestions.org – Hi this is what happened when i tried to verify a clamav source download: Code: me@cat-OEM$ gpg --verify clamav-0.97.8.tar.gz.sig clamav-0.97.8.tar.gz gpg: Signature made Wed 17 Apr 21:19:53 2013 BST using DSA key ID 64221D53 gpg: Good signature from "Sourcefire VRT (Sourcefire VRT GPG Key) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg:          There is no indication that the signature belongs to the owner. Primary key fingerprint: B964 E6D7 BC7D 7C82 CCB8  D458 40B8 EA23 6422 1D53 So should i (HowTos)