Penguin

Differences between current version and previous revision of SigningAKey.

Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History

Newer page: version 3 Last edited on Sunday, May 14, 2006 1:26:58 pm by CraigBox
Older page: version 2 Last edited on Sunday, February 6, 2005 7:12:41 pm by MattBrown Revert
@@ -1,9 +1,9 @@
 [SigningAKey] is an [OpenPGPConcept] that denotes trust in the KeyValidity of the key being signed. By signing a key, you are indicating that you trust that it belongs to it's owner and that they are who they say they are. 
  
 It is important that you only sign keys where you have personally verified the owners identity, and their possession of the key. You should exercise much care in signing keys, as others may want to use your signatures to determine CalculatedTrust for a key they cannot personally verify. See KeyValidity for instructions on how to verify the validity of a key. 
  
-!! How to Sign a key 
+!! How to sign a key 
  
 * Ensure the public key is in your keyring (if it isn't see [GPG/PGPNotes] for how to find it) 
 * Ensure that you have correctly completed the KeyValidity tasks and are satisified that the key is valid 
 * Open the key in gpg 
@@ -14,8 +14,12 @@
  * sign 
 * Save the changes 
  * save 
 * You should now email the signed key back to it's owner, so they can publish it to their preferred keyserver 
+  
+!!Automating that process  
+  
+See KeySigningScripts, especially the section on 'caff'.  
  
 !! Types of Signature 
 The [OpenPGP] standard defines several different types of signatures that can be used to denote varying levels of trust in the identity of the key's owner. These are