Keysigning is the process of digitally signing someone else's public key using one's own. A more correct term would be certificate signing, since the actual key material is not changed by the process of signing. However, in the PGP community it is customary not to distinguish in speaking between someone's key and certificate, and the term keysigning is used. (The term PGP refers here to all implementations of the OpenPGP standard, such as GnuPG.)

Users of PGP sign one another's keys to indicate to any third party that the signer trusts the signee. This enables someone who trusts the signer to extend her trust to the signee as well. In this way, a web of trust is built.

PGP users often organize key signing parties, where many people meet in person to verify each other's identity using some printed certificate of identity and then sign each other's keys.

See also


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.