Public Key Servers and the ''Web of Trust''

Public key servers are used as a common place to store public keys, and they function similarly to web pages. Sometimes, you will receive a message which has been signed by someone whose key you do not have. At that time, you can connect to the public key servers, download the key (along with all of its signatures), and add it to your keyring. Using the newly downloaded public key, you can check signatures, send encrypted email, and do everything else discussed in this document.

However, if you don't trust any of the signatures, it would be worthwhile to verify the owner of the key, to make sure that you really are speaking with the person you wish to be speaking with. Otherwise, you might wind up sending an inappropriate message to the wrong person.

Some of the major public key servers can be found by following the links below:

• European WWW Based PGP 5.0 Key Server System
• OpenPGP Public Key Server