NoCeM PGP Key Management
PGP key management is one of the trickier problems with nocem.
Please be sure to read the sections of the PGP documentation that
relate to key security issues. While the algorithms behind PGP are
very strong, it worse than useless if you aren't careful with your
keys.. Please note that I have signed the keys of the 3 other
people who are issuing nocem notices, and included them in the NoCeM
distribution. Chris Lewis, Benjamin Franz, and Richard Depew have
issued a large number of notices with the keys that I signed. Even
though I haven't personally met them for verification, if they are
impostors, then it's the impostors who have done all the work.
Therefore I think it's safe for me to sign their keys.
- To extract someone's PGP key from the public keyservers, you
can:
read the directions at the WWW Public Keyserver:
http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
or send mail with "Subject: help"
To: pgp-public-keys@pgp.ai.mit.edu
Once you follow those directions, save the ascii PGP key in a file. For
this example, call it foo.asc
- To add that key to your nocem ring,
assuming that you saved the key in foo.asc
and that your nocem keyring is ~/.ncm/ncmring.pgp
then you should type:
pgp -ka foo.asc ~/.ncm/ncmring.pgp
- To remove a key from your nocem ring:
If you've decided that "cancelpoodle" is not
using what you consider to be fair criteria for issuing notices,
and as above, your nocem keyring is ~/.ncm/ncmring.pgp
then you should type: (The program will ask for verification.)
pgp -kr cancelpoodle ~/.ncm/ncmring.pgp
- To see who is in your nocem ring:
(You can also set this to display every time you run nocem --
look at $showalways in ncm.head)
pgp -kv ~/.ncm/ncmring.pgp
If you want information on who has signed those keys, use:
pgp -kvv ~/.ncm/ncmring.pgp
If you want to display the fingerprints of the keys, use:
pgp -kvc ~/.ncm/ncmring.pgp