
Bug#132920: www.debian.org: updated text for keysigning HOWTO



Package: www.debian.org
Version: N/A; reported 2002-02-08
Severity: wishlist
Tags: patch

Based on my experience signing and having my key signed recently I would 
like to suggest some extra text for the keysigning howto at 
http://www.debian.org/events/keysigning (and can I also ask that it be linked 
from somewhere more prominent like the developers corner?)

I'm pretty sure the information I added is accurate.  Some of the WML may 
need editing though.

-- 
Jaldhar H. Vyas <jaldhar@debian.org>
It's a girl! See the pictures - http://www.braincells.com/shailaja/

--- keysigning.wml.old	Thu Feb  7 23:52:52 2002
+++ keysigning.wml	Fri Feb  8 00:27:18 2002
@@ -23,6 +23,7 @@
 <li>The key owner verifies that the fingerprint of the key about to be
    signed is indeed their own.
 
+
 </ol>
 
 Most importantly, if the key owner is not actively participating in
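
Review bot: The blank line added before </ol> is a whitespace-only change that has nothing to do with the new signing text; drop this hunk so the patch touches only the steps it documents.
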
@@ -55,19 +56,57 @@
        gpg --keyserver keyring.debian.org --recv-keys 0xDEADBEAF
 </pre>
 
+<p>If the person whose key you  want to sign is not in the Debian keyring, 
+replace keyring.debian.org with a public keyserver like pgpkeys.pgp.net (which 
+despitethe name also stores GnuPG keys.)
+
+<p>Note we can use the last eight hex digits of the key in this and other GnuPG
+operations.  The 0x in front is also optional.
+
 <li> To sign the key, enter the edit menu with
 
 <pre>
        gpg --edit-key 0xDEADBEAF
 </pre>
 
-<li> In GnuPG select all uids to sign with <code>uid n</code>.
+<li> In GnuPG select all uids to sign with <code>uid n</code> where n is the 
+number of the uid shown in the menu.  You can also press enter to sign all
+the uids.
 
 <li> To sign a key, enter <code>sign</code>.  You will then be shown
      the fingerprint of they key which you have to compare with the
      one you've got from the person you met.
 
 <li> Quit GnuPG with <code>quit</code>
+
+<li> To verify you have signed the key correctly, you can do:
+
+<pre>
+       gpg --list-sigs 0xDEADBEAF
+</pre>
+
+You should see your own name and fingerprint (in short form) in the output.
+
+<li> Once you are satisfied everything went ok you can send the signed key
+to its' recipient by doing:
+
+<pre>
+       gpg --export -a 0xDEADBEAF > someguys.key
+</pre>
+
+<p>The <code>-a</code> option exports the key in ASCII format so it can be
+emailed without possibility of corruption.
+
+<li> If someone signs your key in this manner, you can add it to the Debian
+keyring by doing:
+
+<pre>
+       gpg --import mysigned.key
+       gpg --keyserver keyring.debian.org --send-keys &lt;your key id&gt;
+</pre>
+
+<p>It may take a while for the keying maintainers to update your key so be 
+patient.  You should also upload your updated key to the public keyservers.
 
 </ul>
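
Review bot: The added note "we can use the last eight hex digits of the key" should say that an eight-digit key ID is a shorthand and is not unique, so a matching short ID verifies nothing; the reader still has to compare the full fingerprint shown at the sign step with the one obtained in person, and the note should point back to that step. In the same added text: "despitethe" needs a space, "its' recipient" should be "its owner", and "keying maintainers" should be "keyring maintainers". The --list-sigs paragraph says "your own name and fingerprint (in short form)", but that listing shows the signer's key ID, so call it a key ID. "You can also press enter to sign all the uids" does not say at which prompt; state that entering sign with no uid selected offers to sign all of them.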



