[GTALUG] Key Signing follow up, what shall I do next?

Sergio Durigan Junior sergiodj at sergiodj.net
Thu Apr 19 13:24:09 EDT 2018


On Wednesday, April 18 2018, Antonio Sun via talk wrote:

> So I attend the Key Signing party, exchanged my signatures, and even get
> emails telling me that my key is signed.
>
> I'm now a bit lost on what shall I do next, and trying to google for the
> answer didn't help much either.

Hey Antonio,

Basically, the person who signed your key (assuming that he followed the
good practices) will have your key e-mailed to you in the ASCII armored
format.  You will need to save this file on your computer, import it
using:

  gpg2 --import FILE

and then verify that the new signature(s) are OK, using the
"--list-signatures" option.  After you've verified that everything is
OK, you will then need to upload your key to a keyserver:

  gpg2 --send-key YOUR_KEY_ID --keyserver hkps://hkps.pool.sks-keyservers.net

And that's basically it.

I strongly suggest you read about OpenGPG best practices here:

  <https://riseup.net/en/security/message-security/openpgp/best-practices>

It's important to read and understand them; your key will be used to
identify you, so you need to keep it in good shape.

By the way, I'm still waiting for your encrypted e-mail regarding the
problem with your key IDs.

Thanks,

-- 
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/


More information about the talk mailing list