# Developer Key Signing

Developers need to generate, maintain, and sign keys to keep a web of trust.  The following are shortcut commands to accomplish this.

Many of the commands will have various prompts that should be obvious (selecting keys out of a list, entering passphrases, etc).  That verbage has been eliminated from the examples.


* Key Generation
* Extend Expiration
* Key Uploading
* Key Download
* Key Signing
* Signature Upload

## Key Generation 
*TBD*

## Extending Expiration

Your key will eventually expire.  You can extend the key expiration time:

netpgp:
[[!template  id=programlisting text="""
unsupported at this time.
"""]]

gpg:
[[!template  id=programlisting text="""
# gpg --edit-key C631C69E
Command> expire
Key is valid for? (0) 5y
"""]]

You will need to re-upload to the key-server.

## Key Uploading

gpg:
[[!template  id=programlisting text="""
# gpg --keyserver pgp.mit.edu --send-keys C631C69E
"""]]


## Key Download

If you have the fingerprint, it's pretty easy to download the key.  This will import into your keychain.

netpgp: (Only if already downloaded from keyserver.)
[[!template  id=programlisting text="""
# netpgpkeys --import-key  file
"""]]

gpg:
[[!template  id=programlisting text="""
# gpg --keyserver pgp.mit.edu --search-keys C631C69E
"""]]



## Key Signing

gpg:
[[!template  id=programlisting text="""
# gpg --default-key cyber@netbsd.org --sign-key C631C69E
"""]]


## Signature Upload

gpg:
[[!template  id=programlisting text="""
# gpg --keyserver pgp.mit.edu --send-keys E361D0FA
"""]]