GnuPG: Sharing a public key

Tabs

Detailed help

If you are not yet familiar with encrypting a public key, please read the general instructions on encryption methods.

In order for others to be able to send you encrypted messages, they need to get hold of your public key from somewhere. A common way is to send your public key to a key server. Other possible ways are making your key available on your website and sharing a link to it, and sending your public key by e-mail to those who need it.

Key servers keep a register, a sort of phone book, for public keys sent to them. Most key servers send a notification of new keys sent to them as well as changes made to existing keys to other key servers, creating a network where information about the keys is available. In order to find a desired recipient's public key, the servers can be searched using suitable criteria, such as key ID, e-mail address or name. It is worth noting that key servers only publish the keys, they do not in any way check or guarantee the quality, functionality or holders of the keys. Therefore, it is worth checking key information with the recipient before sending.

Sharing keys using Enigmail (Thunderbird add-on)

Enigmail contains functions for sending keys to key servers and directly to users by e-mail. You can find the functions by following these steps:

  • open the OpenPGP menu
  • select Key management
  • find your key in the list
  • right-click on your key
  • select sharing option.

If you selected Upload to keyserver, Enigmail asks you which server the key should be uploaded to. This is a matter of preference, and, at the time of writing (spring 2014), all key servers on the list are functional. Most key servers share uploaded public keys with each other, so that all keys are available on all servers in the network after a while.

Sharing a public key using Kleopatra

The Kleopatra key manager has the same functions as Enigmail for key management. You can send a key by selecting the key in the key list either via the File menu or right-clicking and selecting Export Certificates to Server....

The program asks you if you are sure that you have created a revocation certificate for your key and if you are sure that you want to export your key to the server, because it cannot be removed from there. If you have followed the instructions, click Ok. If you do not want to see this warning again, check Do not ask again.

Lastly, the program notifies you that the export was successful.