1. Keep your Secret Key(s) in a very safe place and keep Backups of both your Public and Secret Keys
2. When you create a new key you must sign it with itself
1. Create a Master Key to sign all new keys and keep it in a very safe place when not in use
2. Get your Master Key signed by a Verifiable Trusted Third Party
3. Create General Purpose Keys with expiration dates for everyday use
4. Sign your new keys with themselves
5. Sign your new keys with your Master Key
6. Use your General Purpose Keys every day and only use your Master Key to sign new keys when really necessary
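The six steps above as an added example script (not part of the original page): it builds the master / general-purpose hierarchy with GnuPG 2.1+ inside a throwaway GNUPGHOME, certifies the everyday key with the master key, checks the certification and writes the backups from step 1. The names, e-mail addresses and paths are made up, the demo keys carry no passphrase, and step 2 (the third-party signature on the master key) cannot be produced offline and is left out.

```shell
# Added example (not from the original page): the master / general-purpose key
# hierarchy described above, built with GnuPG 2.1+ in a throwaway GNUPGHOME.
# Names, addresses and paths are made up; the keys are unprotected for the demo.
set -eu
# gpg in unattended mode; an empty passphrase leaves the demo keys unprotected.
gpgb() { gpg --batch --pinentry-mode loopback --passphrase '' "$@"; }
# A private GNUPGHOME so the demo never touches your real keyring.
setup_home() {
  GNUPGHOME=$(mktemp -d); chmod 700 "$GNUPGHOME"; export GNUPGHOME
}
# Primary-key fingerprint of the key carrying the given user ID.
fpr_of() {
  gpg --batch --with-colons --list-keys "$1" | awk -F: '$1=="fpr"{print $10; exit}'
}
# Steps 1, 3, 4: certify-only master key that never expires. GnuPG self-signs
# the user ID at creation, which is the "sign it with itself" step.
gen_master() {
  gpgb --quick-generate-key 'Example Master <master@example.test>' ed25519 cert never
  fpr_of master@example.test
}
# Steps 3, 4: general-purpose signing key plus encryption subkey, expiring in a year.
gen_daily() {
  gpgb --quick-generate-key 'Example Daily <daily@example.test>' ed25519 sign 1y
  daily=$(fpr_of daily@example.test)
  gpgb --quick-add-key "$daily" cv25519 encr 1y
  printf '%s\n' "$daily"
}
# Step 5: certify a new key ($2) with the master key ($1).
certify_with_master() { gpgb --yes -u "$1" --quick-sign-key "$2"; }
# Does key $1 carry a certification by key $2? The long key ID (last 16 hex
# digits of the fingerprint) is field 5 of a "sig" record in --with-colons output.
is_certified_by() {
  signer=$(printf '%s' "$2" | tail -c 16)
  gpg --batch --with-colons --list-sigs "$1" | grep -q "^sig:[^:]*:[^:]*:[^:]*:$signer:"
}
# Step 1: back up public and secret keys; the secret file belongs offline.
backup_keys() {
  mkdir -p "$1" && chmod 700 "$1"
  gpgb --armor --export > "$1/public-keys.asc"
  gpgb --armor --export-secret-keys > "$1/secret-keys.asc"
}
if [ "${1:-}" = run ]; then    # invoke as: sh thisfile.sh run
  setup_home
  master=$(gen_master); daily=$(gen_daily)
  certify_with_master "$master" "$daily"
  is_certified_by "$daily" "$master" && echo "daily $daily is certified by master $master"
  backup_keys "$GNUPGHOME/backup" && echo "backups in $GNUPGHOME/backup"
  gpgconf --kill gpg-agent
fi
```

Run it with the `run` argument; everything lands under the temporary GNUPGHOME it prints, so delete that directory afterwards.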
If you don't have a Trusted Third Party that you can use, the PGP Global Directory Verified Key Service is a lesser alternative.
The service allows users to upload, change and delete their keys. After a key has been uploaded, a verification request is sent to the email address held in the key. If there is no response to the email, the key is not saved.
The key is then signed by the service and can be downloaded by other users.
Users can also sign each other's keys and upload them using the service.
PGP Global Directory Verification Key
Tim Brockley (Master Signing Key)
Disclaimer: Every effort has been made to present information in an accurate way; however, this information is presented "as is" and should not be read as "absolutely accurate".