HOW TO RETRIEVE PGP PUBLIC KEYS

Mark Swearingen

mark@ephesus.com

Created Wednesday 2000 January 26

In order to send encrypted e-mail to someone who uses PGP, you must first add a copy of their public key to your keyring.  This document explains four different ways to do that.  (For each key you import, you would use only one of these methods.)

If the person you are interested in corresponding with has already posted his public key somewhere accessible, then the first three methods allow you to retrieve it without any further work on his part.  The fourth method requires a little additional work on the part of your intended correspondent, in that he must e-mail a copy of his public key to you.

After importing someone's public key using any of these methods, you should verify the unique key fingerprint.


Method #1: Use the search command in PGP.  If you are using PGP for Windows, this is the easiest way to get a copy of someone else's public key without having them e-mail it directly to you.  From the command menu in PGPkeys, select Keys -> Search.  Enter part or all of the person's name or e-mail address, and PGP will display a list of matching keys on the public key server.  Right-click on the desired key(s) and select Import to Local Keyring.  This will copy the selected key(s) to your keyring.


Method #2: Copy the key from a web page.  Some people post their public key(s) on their web page.  The key will appear as a block of text that begins and ends with the following lines:

-----BEGIN PGP PUBLIC KEY BLOCK-----

[...]

-----END PGP PUBLIC KEY BLOCK-----

To import a key posted in this way, highlight the entire key block, including the beginning and ending lines.  (Click with the left mouse button at the beginning of the block of text and hold the mouse button while dragging the mouse pointer to the end of the block of text.)  Then "copy" the key to the clipboard by pressing Ctrl+Insert.

Next, right-click the PGPtray icon on your taskbar and select Edit Clipboard Text.  This will display the contents of the clipboard in the PGP Text Viewer.

In order to import the key, all of the lines in the key block must be flush against the left margin.  However, depending on how the web page is formatted and how your web browser copies text from it, there may be spaces at the beginning of each line.  If this is the case, then you must first delete the leading spaces from each line.  (In the PGP Text Viewer, use the arrow keys to position the cursor at the beginning of each line, then, while holding down the Shift key, press Ctrl+Right arrow then Ctrl+Left arrow.  This will highlight all the spaces at the beginning of the line.  You may then release the Shift key and press Delete.  Repeat this procedure for each line.)  Once you have edited the key block in the PGP Text Viewer to eliminate all leading spaces, click on Copy to Clipboard.  Now the key block text is ready to be imported to your keyring.  (If no editing was required, simply press Esc or click the Ok button to dismiss the PGP Text Viewer.)

Now right-click again on the PGPtray icon and select Add Key from Clipboard.  This will display a dialog box with the key(s) you copied from the web page.  You can drag the edges of the dialog box to make the window wider if you wish.  (If no keys are displayed, then the key block may be invalid, or there may have been a problem copying or editing the text from the web page.)  Finally, select the desired key(s) and press the Import button to add them to your keyring.
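The left-margin cleanup described in Method #2 can also be scripted. The following Python is an added example, not part of the original page or of PGP itself; the function names and the sample block (arbitrary bytes, not a real key) are constructed for illustration. Besides stripping the leading spaces, it checks the armor checksum line so that text damaged in copying is rejected before import.

```python
import base64
import binascii

BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
END = "-----END PGP PUBLIC KEY BLOCK-----"

def crc24(data: bytes) -> int:
    """CRC-24 used by OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def clean_key_block(pasted: str) -> str:
    """Return the key block with every line flush left; raise ValueError if damaged."""
    lines = [ln.strip() for ln in pasted.splitlines()]
    try:
        start = lines.index(BEGIN)
        stop = lines.index(END, start)
        blank = lines.index("", start, stop)  # blank line ends the armor headers
    except ValueError:
        raise ValueError("no complete public key block found") from None
    body = [ln for ln in lines[blank + 1:stop] if ln]
    checksum = body.pop() if body and body[-1].startswith("=") else None
    try:
        data = base64.b64decode("".join(body), validate=True)
        if checksum is not None:
            expected = int.from_bytes(base64.b64decode(checksum[1:], validate=True), "big")
            if crc24(data) != expected:
                raise ValueError("armor checksum mismatch: text was altered in copying")
    except binascii.Error:
        raise ValueError("key block contains non-base64 text") from None
    tail = ([checksum] if checksum else []) + [END]
    return "\n".join(lines[start:blank + 1] + body + tail) + "\n"

def constructed_sample() -> str:
    """Constructed input: arbitrary bytes (not a real key), indented as a browser might paste it."""
    data = bytes(range(48))
    b64 = base64.b64encode(data).decode()
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    rows = [BEGIN, "Version: constructed sample", "", b64, "=" + crc, END]
    return "\n".join("    " + r for r in rows)

if __name__ == "__main__":
    print(clean_key_block(constructed_sample()))
```

A passing checksum only shows that the text survived copying intact; it says nothing about whose key it is, so the fingerprint check mentioned above still applies after import.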


Method #3: Use the public key server's e-mail interface.  If you are using an older version of PGP that does not have the convenient Keys -> Search command, then you may wish to use the e-mail interface for Brian A. LaMacchia's (BAL's) PGP Public Key Server, hosted at MIT.

To retrieve a public key using this method, e-mail a message with one of the following subject lines to get an automated reply from the server (the body of your message is irrelevant):

To: PGP Key Server <pgp-public-keys@keys.pgp.net>

Subject: HELP
(Retrieve a set of instructions that contains a list of e-mail commands for use with the key server.)

Subject: VERBOSE INDEX ephesus
(Retrieve the key ID, key length, user ID, and signature IDs for all keys containing the word "ephesus" in the name or e-mail address -- but do not retrieve the keys themselves.)

Subject: GET Mark Swearingen Key #3
(Retrieve the public key block for Key #3 only.)

Subject: GET mark@ephesus.com
(Retrieve a public key block containing all my keys.)


Method #4: Import directly from an e-mail message.  This is by far the easiest method of importing someone else's public key, but it requires that the person send you the key directly by e-mail.  If you receive an e-mail message with someone's public key in it, simply click the Decrypt/verify button and PGP will automatically display a dialog box allowing you to import the key.

