The GPG Key Signing Recipe

Precondition

$ALICE and $BOB know each other directly and can validate each others identities and keys directly.

Recipe

Here’s what one does recipe

See $BOB sign the $ALICE key:

  • gpg –list-keys
  • gpg –list-keys | grep -C 5 -e $ALICE_EMAIL
  • gpg –fingerprint $ALICE_ID
  • gpg -u $BOB_EMAIL –sign-key $ALICE_ID
  • gpg –armor –output $ALICE_ID-signed-by-$BOB_ID.asc –export $ALICE_ID
  • return $ALICE_ID-signed-by-$BOB_ID.asc

See $ALICE sign the $BOB key:

  • gpg –list-keys
  • gpg –list-keys | grep -C 5 -e $BOB_EMAIL
  • gpg –fingerprint $BOB_ID
  • gpg -u $ALICE_EMAIL –sign-key $BOB_ID
  • gpg –armor –output $BOB_ID-signed-by-$ALICE_ID.asc –export $BOB_ID
  • return $BOB_ID-signed-by-$ALICE_ID.asc

References