- In order to use a key, that key must also be trusted.
- Once a key is trusted at a high-enough trust level, signing a key will no longer be necessary to use it.
- A key can become trusted it by signing it or explicitly trusting it.
- For a summary of how trust relationships work and the Web of Trust model, see here.
We will only provide instructions for explicitly trusting a key using the gpg command:
All commands must be run from the hrstgif service account on either stageprodapp01 or stagetestapp01.
References
- https://en.wikipedia.org/wiki/Public-key_cryptography
- https://en.wikipedia.org/wiki/RSA_(cryptosystem)
- https://en.wikipedia.org/wiki/Pretty_Good_Privacy
- https://en.wikipedia.org/wiki/GNU_Privacy_Guard
- https://www.gnupg.org/gph/en/manual/x334.html
- https://www.gnupg.org/gph/en/manual/c235.html
- http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-key-signatures.html
- http://www.iusmentis.com/technology/remailers/selfsign.html
- http://www.heureka.clara.net/sunrise/pgpsign.htm
- https://idea-instructions.com/public-key/
0 Comments