Web of trust in Southwest Ohio, USA
jason.barnett at telesuite.com
Thu Jan 20 16:58:28 CET 2005
Jason Barnett wrote:
> Although I have read through the man page as well as a few web sites, I
> am still quite new to GPG. I searched a bit and found this newsgroup
> and hope that you folks can help me with these questions.
> - Can someone give me some advice on how to get started building my "web
> of trust?" I think I understand the basic concept; meet someone in real
> life, verify they are who they say they are and exchange signatures. But
> can someone give me some practical tips to get started? (BTW I live in
> southwest Ohio, USA).
> - Is there a site where I can search *all* of the archives at once? I
> found http://lists.gnupg.org/pipermail/gnupg-users/?1106184443 but I can
> only search within a one month time frame (and I hate to post questions
> that have already been answered).
> - I realize that not every person I email is going to use GPG / PGP so
> I'd like to at least sign every email that I send. What exactly is
> supposed to be in my signature? Is it the encrypted version of the
> email I am sending?
> Thanks in advance for whatever help you can send my way. And if any of
> you are PHP developers feel free to drop me a line some time. :)
After I wrote this I thought of one other question. I submitted my
first public key to several keyservers (you can find it by going to
As I understand it one person will often use multiple private keys
(perhaps one for personal, one for work, one for when you get fired and
start working somewhere else).
- Should I create a personal key and use that as my "primary" private
key... and then assign other keys as "secondary" keys as needed?
I'm asking this mostly from a management perspective. I understand how
to do what I'm asking, I'm just asking if my line of thinking is correct
or if I should be managing my keys in some other way. Thanks again!
More information about the Gnupg-users