6.2. How do I sign a key? (PGP)





This article is from the PGP FAQ, by Jeff Licquia jalicqui@prairienet.org with numerous contributions by others.


Execute the following command from the command prompt:

pgp -ks [-u yourid] <keyid>

This adds your signature (signed with the private key for yourid, if
you specify it) to the key identified with keyid. If keyid is a user
ID, you will sign that particular user ID; otherwise, you will sign
the default user ID on that key (the first one you see when you list
the key with "pgp -kv <keyid>").

Next, you should extract a copy of this updated key along with its
signatures using the "-kxa" option. An armored text file will be
created. Give this file to the owner of the key so that he may
propagate the new signature to whomever he chooses.

Be very careful with your secret keyring. Never be tempted to put a
copy on somebody else's machine so you can sign their public key -
they could have modified PGP to copy your secret key and grab your
pass phrase.

It is not considered proper to send his updated key to a key server
yourself unless he has given you explicit permission to do so. After
all, he may not wish to have his key appear on a public server. By
the same token, you should expect that any key that you give out will
probably find its way onto the public key servers, even if you really
didn't want it there, since anyone having your public key can upload
it.

 
