Alex Fraser <alex@phatcore.com> writes:
I'm a bit confused by all this.
If it helps (anyone reading this), the GnuPG documentation has a more detailed HOWTO for keysigning parties <URL:http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html>.
Caff doesn't seem to give me the option to save a signed key to be sent manually, and I don't have my system set up to send email.
Yes, ‘caff’ is good for automating the steps, but that means your system needs to be able to send email. I recommend you set up a simple MTA on every system you use, since many services (especially in free software) operate at least in part by email, and tools can make your life easier by automating this.
I tried using straight gpg, and it seems to have worked - but now should I just send the output of `gpg --armor --export ID` to the owner of ID? Do I need to do that for subkeys separately? And what do I do with that data if someone sends it to me?
You can alternatively use a tool like GNOME 3's “Passwords and Keys”, also known as ‘seahorse’ <URL:https://wiki.gnome.org/Seahorse>. It is a GNOME front-end for GnuPG and some other encryption systems, integrated with the GNOME environment to manage keys. Using an interactive tool like “Passwords and Keys” means you need to do the steps individually, but it does make it clear what's going on at each point and doesn't require getting the command-line invocations right. -- \ “I call him Governor Bush because that's the only political | `\ office he's ever held legally.” —George Carlin, 2008 | _o__) | Ben Finney