this year's PGP key

[Ralph Sanford]

On Sun, 2003-01-12 at 05:46, Bonez wrote:
> Doug:
> 
> How does this work? I am using GPG on my system, and have a key. What I am 
> wondering is how do you manage keys from others. For example, let's say that 
> you and I were exchanging email frequently, and we wanted to exchange mail 
> that needed encryption, validation, etc. Do you have a specific directory you 
> keep all PGP keys in, and then reference that directory when decrypting a 
> message from someone whose key you have? 
> 
> Thanks,
> 
> Scott - a newbie to encrypted email

Hi Scott,

Just to add my 2 cents here.

All the public keys that you hold on your computer should be saved in a
"public key" file.  This file is called "pubring.gpg" in the directory
home/~/.gnupg .   If you were using PGP then the public keys would be
held in a file "pubring.pkr".

This public key file is commonly referred to as your public keyring. 
You should ensure that your email or other programs that need access to
the public key ring are directed to this location.  Yes, all your public
keys are kept in this key ring.  There are a variety of gpg utilities
that can help you manage your public keyring such as geheimnis or gpa.

To add Doug's key you would get a copy from his website or a public
keyserver and then import his key into your keyring.  Importing can be
done by command line or one of the utilities.  Then set the trust and
validity of Doug's public key and you are ready to use that key.

As a point of information regarding managing public keys on your
keyring, do not routinely delete -old- public keys.  If you delete the
-old- public keys then you will have difficulty verifying old saved
messages.

HTH

-- 
Ralph Sanford       -       If your government does not trust you,
rsanford at telusplanet.net   -   should you trust your government?

DH/DSS Key   -   0x7A1BEA01