[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpg key signing protocol question



also sprach sean finney <seanius@seanius.net> [2002.11.07.1134 -0500]:
> so last night at the LISA 2002 conference in philly there was quite
> a nice keysigning get-together, at which i exchanged something like
> a dozen or two keys with other folks.  now previously, when i had
> signed keys with close friends, we'd just end up doing a bunch of
> gpg --sendkeys and gpg --recvkeys and eventually stuff would just
> kind of work, but i've gotten the impression that there's a standard
> protocol for signing folk's keys--involving mailing the signed key
> back to the owner of the key--is that the case?  if so, what's the
> specific process i should take? (specific commands would be great
> too:)

usually it is prefered to send the key back to the owner via encrypted
(or not) email rather than uploading it to the keyservers, because it
gives power to the owner what to do with the key.

here's what i usually do after i verified someone's identity:

  gpg --recv-key 12345678
  gpg --edit-key !$
  > check
  > fpr
  > sign
  [...]
  > trust
  > save
  > quit

  gpg-mailkeys !$

gpg-mailkeys is from the signing-party package and sends the key
unencrypted to the owner.

-- 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system

Attachment: pgpv6gfD9324D.pgp
Description: PGP signature


Reply to: