| Value | Meaning |
|---|---|
| Unknown0 | We do not know whether to rely on identity assertions made by the certificate. |
| Undefined1 | We do not have enough information to decide whether to rely on identity assertions made by the certificate. |
| Never2 | We should never rely on identity assertions made by the certificate. |
| Marginal3 | We can rely on identity assertions made by this certificate as long as they are corroborated by other marginally-trusted certificates. |
| Full4 | We can rely on identity assertions made by this certificate. |
| Ultimate5 | This certificate is an undeniable root of trust (e.g. normally, this is a certificate controlled by the user themselves). |
The trust level of a certificate. Trust level tries to answer the question: "How much is the user willing to rely on cryptographic identity assertions made by the owner of this certificate?"
By way of comparison with web browser X.509 certificate validation stacks, the certificate of a "Root CA" has @GMIME_TRUST_ULTIMATE, while the certificate of an intermediate CA has @GMIME_TRUST_FULL, and an end-entity certificate (e.g., with CA:FALSE set) would have @GMIME_TRUST_NEVER.