Here's the typical output of a run of "gpgv" over a signature that i made myself:
gpgv: unknown type of key resource 'trustedkeys.kbx'
gpgv: keyblock resource '/home/dkg/.gnupg/trustedkeys.kbx': General error
gpgv: Signature made Tue 24 Jan 2017 06:13:54 PM EST
gpgv: using RSA key 38276051EA477FA3E49539321498ADC6C1923237
gpgv: Can't check signature: No public key
I've got nothing in trustedkeys.kbx:
0 dkg@alice:~$ ls -la ~/.gnupg/trustedkeys.kbx
ls: cannot access '/home/dkg/.gnupg/trustedkeys.kbx': No such file or directory
So i think the first two files are actually trying to tell me "I have no list of
trusted keys; if you wanted me to use the default, you should place them in
trustedkeys.kbx" but it seems unlikely any normal human would understand that
idea from the messages provided.
Also, "no public key" seems like a strange message. that's my key! (of course,
i know that gpgv isn't looking in my pubring.kbx, but again to non-expert users
that seems like a confusing message).
Please see https://bugs.debian.org/852019 for examples of this confusion.
It would be good to have clearer error messages from gpgv, especially in this
common case where gpgv has no access to a trusted, curated keyring at all.