====== Managing GPG keys ====== **Description:** A Debian developer must have a GPG key and be very careful with it. In fact, you need the key signed by other DDs to become a DD. And when you are a DD future DDs will need you sign their keys. **Language(s):** English **Signing keys:** [[http://bloc.eurion.net/archives/2010/gpg-key-signing-with-caff/|GPG key signing with CAFF]] **Importing signed keys:** Since I use [[http://notmuchmail.org/|notmuch]], I run the following commands: for thing in `notmuch search --output=files subject:signed and tag:inbox`; do gpg --decrypt < $thing | gpg --import done gpg --keyserver pgp.mit.edu --send-keys 1A49C0D2 These two lines are inspired (in fact, almost copied) from http://www.asheesh.org/scribble/code/gpg-caff.html