This article describes how to sign another user's public key on the PGP Global Directory
By signing another users public key, you are stating you have verified that the key does in fact belong to the owner. Verification is done by comparing the unique fingerprint on the key to the actual fingerprint on the users original key. You may use an exportable signature when you sign another users key so that the signature will travel with the key. The benefit of this is that if someone decides to trust you and you have signed another persons key, then they can consider the key valid without verifying it for themselves. You can only add your signature to a key in the PGP Global Directory if your key already exists in the PGP Global Directory. After you download the key to your system, you can then use PGP Desktop 9.x to sign the public key and upload it back to the PGP Global Directory.
|Note: When you submit the signed key to the PGP Global Directory, there is no verification required by the owner of the key. In order for the key you sign to become valid, the key you are signing with must be implicitly trusted. The trust level can be adjusted by viewing the properties of the key and selecting implicit under the trust settings.|
How to Add Your Signature to Someone Elses Public Key and then Upload it to the PGP Global Directory