Ok, I found a maintainer who will sign my pgp signiture ... but both of us
are lost as to what exactly we have to do to "sign" a signature... Here is
what he thought was the right way to do it.
"I'll come over with my public key. We will compare id's, and then, if
you want, you can sign my public key. You'll also give me a copy of
your public key, for me to bring home and sign. Then I email you the
signed copy of your public key (the email being signed and encrypted, of
course). Does this sound right? I'm a little leery of the need to add
my secret key to your machine in order for me to sign your key, which
appears to be what is needed from my reading of the docs. I could be
wrong, so if there is a better way, let me know."
Is this the "right way"(tm) to do this ... is there a better way? ...
Kevin Poorman <email@example.com> <ewigin.home.ml.org>
Do the Free-Ride <free-ride.home.ml.org>