HOW TO: Verify PGP keys in PGP Desktop 10 for Windows

Article:HOWTO42091  |  Created: 2009-09-11  |  Updated: 2011-02-06  |  Article URL http://www.symantec.com/docs/HOWTO42091
Article Type
How To




This article describes how to verify PGP Keys in PGP Desktop 10.



After importing a key into PGP Desktop, the key is not available to be used for encryption and appears as unverified. The key appears with a gray circle under the Verified column in All Keys. To verify a key so that it can be used for encryption, the key must be Signed.

Signing a Public Key

When you create a keypair, the keys are automatically signed. Similarly, once you are sure a key belongs to someone, you can sign that person's public key, indicating you are sure it is verified.

Use the following steps to sign a key:

1. Open PGP Desktop, click the PGP Keys Control box, and then click All Keys.

2. Right click on the key you want to sign and select Sign from context menu. The PGP Sign Key dialog displays the Key/User Name, the Email address, and a hexadecimal Fingerprint displayed in the text box.

3. You may select the option to Allow signature to be exported and click OK to Sign the key. If your passphrase is not cached, you will be prompted to enter the passphrase for your key. For more information on the option to Allow signature to be exported, please see additional information below.

The key is now Signed and now appears in PGP Desktop as Verified and show a green check mark under the Verified column in All Keys to be exported with this key.

Note:Select the Allow signature to be exported checkbox, to allow your signature to be exported with this key.

An exportable signature is one that is allowed to be sent to servers and travels with the key whenever it is exported, such as by dragging it to an email message. The checkbox provides a shorthand means of indicating that you wish to export your signature.

Changing the Trust level for a PGP Keypair

After importing a keypair from backup, the key is not Verified and is not available for encryption or decryption. To enable the key, the trust level must be changed on the key properties of the key.

Use the following steps to change the Trust level of your key.

1. Open PGP Desktop, click on the PGP Keys Control box, and select All Keys.
2. Double-click the key for which you want to change the trust level. The Key Properties dialog box for the key you selected appears.
3. In the Key Properties dialog box, locate the Trust field.
4. Click the down arrow by the current setting and select Implicit from the available settings from the list.
5. Close the Key Properties and the key will now appear as Verified and show a green check mark under the Verified column in All Keys.

Note: If you are changing the trust level for a keypair, you can select None or Implicit. Only keypairs that you are importing from backup or from another computer of yours need to have their trust set to Implicit; when you create a keypair, its trust is automatically set to Implicit.

If you are granting trust for a public key, you can select None, Marginal, or Trusted.


Legacy ID



1641


Article URL http://www.symantec.com/docs/HOWTO42091


Terms of use for this information are found in Legal Notices