[GTALUG] Key Signing follow up, what shall I do next?

Antonio Sun tlugys.ats at spamgourmet.com
Wed Apr 18 21:28:15 EDT 2018

So I attend the Key Signing party, exchanged my signatures, and even get
emails telling me that my key is signed.

I'm now a bit lost on what shall I do next, and trying to google for the
answer didn't help much either.

The closest I found is:

GPG Tutorial


and I've checked the following sections:

Updating Keys

People are constantly updating their keys for various reasons:

   - Keys get compromised or lost and they are revoked.
      - Keys are signed by more people, building a Web of Trust
      <https://futureboy.us/pgp.html#WebOfTrust>. . .

Who Signed My Key?

Now that you've updated keys from a keyserver, you might want to see who
has signed your key. After all, *anyone* can sign *any* key and re-upload
that key to a key server. You can see the signatures with the
--list-sigs command
to gpg . . .

However, I'm still at lost understanding them. I.e., I tried both the
suggested commands, but can't see any sign that my key is signed by more
people, and any of their emails.

All that I know is that

- I get an email telling me that my key is signed.

- I'm able to decrypt it, and see an attachment of mykey.asc:


Content-Type: text/plain; charset=UTF-8;


Content-Transfer-Encoding: base64

Content-Disposition: attachment;


What steps I shall do next? (Instruction for the command line is more
welcome than using GUI)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20180418/eb780094/attachment.html>

More information about the talk mailing list