How To Import my public key into your keyring
  1. Download my public gpg key here and save it as gpg-peter.asc.
  2. Import my public key into your public key ring with the following command: 
    	gpg  --import  gpg-peter.asc
  3. Verify that everything went OK by performing the following command: 
    	gpg  --fingerprint  p@dirac.org
    Make sure you see something like this: 
    	% gpg  --fingerprint  p@dirac.org
	pub  1024D/67EA951D 2000-12-08 Peter Jay Salzman <p@dirac.org>
	   Key fingerprint = B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
	sub  2048g/BA20F792 2000-12-08
    Make sure that the fingerprint on your screen matches the fingerprint here. If not, something is very wrong.

That's it. My public key is now in your keyring.

How To Sign My Key

I take the web of trust very seriously, and you should too. Please don't sign my key unless you know me and I tell you my fingerprint either in person (preferred) or over the phone (less preferred).

Here's how to sign my key:

  1. My public key needs to be in your keyring. You can check if it is with: 
       gpg --list-keys salzman
    gpg will either list my key or tell you that my public key isn't in your keyring. If it isn't in your keyring, follow these instructions.


  2. Look at my fingerprint with the following command: 
       gpg  --fingerprint salzman
    You'll see something like this (my fingerprint is in green): 
       pub  1024D/67EA951D 2000-12-08 Peter Jay Salzman <p@dirac.org>
   Key fingerprint = B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
   sub  2048g/BA20F792 2000-12-08
  3. Meet me in person (preferred) or call me on the phone (less preferred) and ask me to recite my fingerprint. If the fingerprint I give you matches the fingerprint in green (above), you can sign my key. If the fingerprints don't match, DON'T sign my key!


  4. Sign my key with: 
       gpg  --sign-key salzman
    You'll be asked to assign a level of trust. If you know me and verified my fingerprint in person or over the phone, assign (3) I have done very careful checking. If you verified my fingerprint in person or over the phone but you don't actually know me very well, assign a trust level of (2) or even (1) depending on how well you know me.


  5. Enter your secret passphrase when gpg asks for it.


  6. Export my key to a file: 
       gpg --export --armor salzman > salzman.asc
  7. Email the file salzman.asc to me (I like MIME, but it's not necessary).