NoCeM PGP Key Management

PGP key management is one of the trickier problems with nocem.

Please be sure to read the sections of the PGP documentation that relate to key security issues. While the algorithms behind PGP are very strong, it worse than useless if you aren't careful with your keys..

Please note that I have signed the keys of the 3 other people who are issuing nocem notices, and included them in the NoCeM distribution. Chris Lewis, Benjamin Franz, and Richard Depew have issued a large number of notices with the keys that I signed. Even though I haven't personally met them for verification, if they are impostors, then it's the impostors who have done all the work. Therefore I think it's safe for me to sign their keys.

  1. To extract someone's PGP key from the public keyservers, you can: read the directions at the WWW Public Keyserver:

    or send mail with "Subject: help"


    Once you follow those directions, save the ascii PGP key in a file. For this example, call it foo.asc

  2. To add that key to your nocem ring, assuming that you saved the key in foo.asc and that your nocem keyring is ~/.ncm/ncmring.pgp then you should type:
    	pgp -ka foo.asc  ~/.ncm/ncmring.pgp

  3. To remove a key from your nocem ring: If you've decided that "cancelpoodle" is not using what you consider to be fair criteria for issuing notices, and as above, your nocem keyring is ~/.ncm/ncmring.pgp then you should type: (The program will ask for verification.)
    	pgp -kr cancelpoodle ~/.ncm/ncmring.pgp

  4. To see who is in your nocem ring: (You can also set this to display every time you run nocem -- look at $showalways in ncm.head)
    	pgp -kv ~/.ncm/ncmring.pgp 
    If you want information on who has signed those keys, use:
    	pgp -kvv ~/.ncm/ncmring.pgp
    If you want to display the fingerprints of the keys, use:
    	pgp -kvc ~/.ncm/ncmring.pgp