Signing a key?
Confused a little:
When I download/Import a key from someone, I am supposed to sign
it, right?
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Steve on 10 Aug, 2012 07:08 PM
Hey Bill, I'm working on an FAQ about Web of Trust and key signing. It's not ready yet so I'm copy pasting what I have so far:
If you have no clue, what the web of trust is, the best starting point is the according Wikipedia article. I'd suggest that as a starting point.
If you're more the tl;dr type of person, here's a short explanation by Phil Zimmermann in the 1992 manual for PGP version 2.0:
Important: No, you should not sign every single key you have in your keychain.
Does that help already? Key signing is done via GPG Keychain Access and there in the key inspector.
Let me know if that info is sufficient or if you need more advise.
All the best,
steve
Please consider a donation. We do all this in our spare time.
2 Posted by Bill on 11 Aug, 2012 03:32 AM
Ok, so I would only sign a key that I am absolutely sure of the identity of the key owner.
Support Staff 3 Posted by Steve on 12 Aug, 2012 04:23 PM
Hey Bill,
no that's also not the case. Open GPG Keychain Access and double click the key you'd like to sign. Then go to the second tab (User-IDs) then in the bottom field click "+". There you can also choose the level on which you checked the identity. So you can also set that to "I didn't really check anything" but then the question is, why you would wanna sign the key.
So as you see, it's like grey colors. Neither white not black and no simply answer.
But having your friends sign your key and singing theirs is in general a good idea.
Cheerios,
steve
Support Staff 4 Posted by Steve on 24 Aug, 2012 04:49 PM
No further user feedback. Closing.
@Bill: Should your problem persist, feel free to re-open this discussion any time.
All the best,
steve
Steve closed this discussion on 24 Aug, 2012 04:49 PM.