By definition, there are no trusted sources — you have to agree to trust them before they can be added to your Trusted Publishers list. When you first try to open any file that contains a macro or a digital signature, you'll see a Security Warning dialog box (see the picture on the left).
When you select the Always trust macros from this publisher check box, that publisher is added to your trusted sources for both macros and other files. But if you click Enable Macros, the macro will run just that particular time.
You only have to accept a certificate once, and in the future all files signed with that certificate will be accepted. Therefore, it's important to check whether certificates are current. Instructions on how to set up revocation checking are listed in the Quick Reference Card.