Paul Schaub: Creating an OpenPGP Web-of-Trust Implementation – Knitting a Net
There are two obvious operations your OpenPGP implementation needs to be capable of performing if you want to build a Web-of-Trust. First you need to be able to sign other users public keys (certificates), and second, you need to be able to verify those certifications.

The first is certainly the easier of the two tasks. In order to sign another users certificate, you simply take your own s … ⌘ Read more