diff --git a/g10/ChangeLog b/g10/ChangeLog
index d30496eb7..a4bd26830 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,14 @@
+2002-12-04  David Shaw  <dshaw@jabberwocky.com>
+
+	* trustdb.c (validate_keys): Show trust parameters when building
+	trustdb, and make sure that the version record update was
+	successful.
+	(init_trustdb): If the current parameters aren't what was used for
+	building the trustdb, the trustdb is invalid.
+
+	* tbio.c (tdbio_db_matches_options): Update to work with new
+	trustdbs.
+
 2002-12-03  David Shaw  <dshaw@jabberwocky.com>
 
 	* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Store
diff --git a/g10/tdbio.c b/g10/tdbio.c
index 45fae047c..993cb06f3 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -639,36 +639,25 @@ create_hashtable( TRUSTREC *vr, int type )
 int
 tdbio_db_matches_options()
 {
-    static int yes_no = -1;
+  static int yes_no = -1;
 
-    if( yes_no == -1 ) {
-	TRUSTREC vr;
-	int rc;
+  if( yes_no == -1 )
+    {
+      TRUSTREC vr;
+      int rc;
 
-	rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
-	if( rc )
-	    log_fatal( _("%s: error reading version record: %s\n"),
-						    db_name, g10_errstr(rc) );
+      rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
+      if( rc )
+	log_fatal( _("%s: error reading version record: %s\n"),
+		   db_name, g10_errstr(rc) );
 
-	if( !vr.r.ver.marginals && !vr.r.ver.completes
-				&& !vr.r.ver.cert_depth )
-	{   /* special hack for trustdbs created by old versions of GnuPG */
-	    vr.r.ver.marginals =  opt.marginals_needed;
-	    vr.r.ver.completes =  opt.completes_needed;
-	    vr.r.ver.cert_depth = opt.max_cert_depth;
-	    rc = tdbio_write_record( &vr );
-	    if( !rc && !in_transaction )
-		rc = tdbio_sync();
-	    if( rc )
-		log_error( _("%s: error writing version record: %s\n"),
-						db_name, g10_errstr(rc) );
-	}
-
-	yes_no = vr.r.ver.marginals == opt.marginals_needed
-		 && vr.r.ver.completes == opt.completes_needed
-		 && vr.r.ver.cert_depth == opt.max_cert_depth;
+      yes_no = vr.r.ver.marginals == opt.marginals_needed
+	&& vr.r.ver.completes == opt.completes_needed
+	&& vr.r.ver.cert_depth == opt.max_cert_depth
+	&& vr.r.ver.trust_model == opt.trust_model;
     }
-    return yes_no;
+
+  return yes_no;
 }
 
 
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 8c732bb99..a49de5ea0 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -424,6 +424,9 @@ init_trustdb()
     BUG();
   if( rc )
     log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
+
+  if(!tdbio_db_matches_options())
+    pending_check_trustdb=1;
 }
 
 
@@ -1776,6 +1779,11 @@ validate_keys (int interactive)
   klist = utk_list;
   kdb = keydb_new (0);
 
+  log_info(_("%d marginal(s) needed, %d complete(s) needed, %s trust model\n"),
+	   opt.marginals_needed,opt.completes_needed,
+	   opt.trust_model==TM_CLASSIC?"Classic":
+	                  opt.trust_model==TM_OPENPGP?"OpenPGP":"unknown");
+
   for (depth=0; depth < opt.max_cert_depth; depth++)
     {
       /* See whether we should assign ownertrust values to the keys in
@@ -1912,7 +1920,14 @@ validate_keys (int interactive)
           log_info (_("next trustdb check due at %s\n"),
                     strtimestamp (next_expire));
         }
-      tdbio_update_version_record();
+
+      if(tdbio_update_version_record()!=0)
+	{
+	  log_error(_("unable to update trustdb version record: "
+		      "write failed: %s\n"), g10_errstr(rc));
+	  tdbio_invalid();
+	}
+
       do_sync ();
       pending_check_trustdb = 0;
     }