Quote from: herbalone on January 29, 2013, 10:47 amThanks NightcrawlerSo, to be sure, when I click on my own key, under the "User Ids" panel in the signatures panel, I see : sig 3, with my name and key ID, should I delete that sig, or is a part of my secret key?ThanksNo, leave the signatures on your keys alone! When you are signing something, with the OpenPGP: Sign Selection: Shift-Command-R, you end up with something like this: -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512In short, you don't use it. Think of it this way: anything you PGP-clearsign can be verified by anyone with a copy of PGP and your PGP public key. DPR sometimes uses this method, so we can verify that any important posts they make are genuine, and not a forgery.So, if you sign something you shouldn't, you've effectively made a digitally-signed confession to illegal activity. In DPR's case, this is not a big deal, but for everyone else, I would strongly advise against signing anything, as it could later came back to haunt you.Nightcrawler <Nightcrawler@SR>PGP-Key: 4096R/BBF7433B 2012-09-22Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433BPGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090-----BEGIN PGP SIGNATURE-----iQIcBAEBCgAGBQJRCGqCAAoJELjx2I6790M7XggQAMMeLRa6SdnAg72+2lAWOohAEyke6KBwBgqBiLvqdm+mfhMl5/jwP7WD/S0Dq5aFg3SIxKozkwbrq8K1b8VBOGitp+TIapuu29j+iIBwIKg0vPiQGsqzVKuwSJutPqq0f0qrQ/AzrRFV7y6ugB7FRBzmbHoqR9AVZ0k5gHN0ZvUmSGK7iWo9+Youq7LzHUUf93Jg3hYeId7cLF33HTcBmTuZcnpNf06loLksUur4rweAhRJ1yUQaGPiaqdYMRR8yKOOHSs35bSZH7Ptchgsmw3oQXxmctcGKJ2hMYNuGLd+rks3M05GE4BclR4Y68pEY94+Zmo8z2sGPf1v6fmNTcsUlbkpe2tw64ONRqFQ5ccCUS8J7utQEwVDCKQinjruJRjh9JwSJ3Ec8vAU/kmFMGvp/woglzHMvYI0neUHcFUGY7AC835fBDsshTTqSY2xcW6LQ4BfPFwIehIMR0BC2utTurqvwz/A4VpU5/MWzqMFDOlmItQUbrXKbeIPJ3tQAdb2c+YlFCJvWw+I+Dx8054aXCpwyCd+NWehZ02CB4GZeBjm4XxaMfrHMfyZzo+q5IPiV+XRc2W2NNpGJZl6ne0OEeHlGcbzwD7cJ/UbLxPf4te4mXmItXOCc5pgvC4NwKQQFv7mUrpAKxTeBCe0JiLajAD5aFYK8fjZ8++3AQYde=nQSk-----END PGP SIGNATURE-----Anyone with a copy of my public key can verify the signature on the signed text, above. The verification message will look something like what follows: gpg: Signature made Tue 29 Jan 2013 12:34:10 PM UTC using RSA key ID BBF7433Bgpg: Good signature from "Nightcrawler <Nightcrawler@SR>"gpg: textmode signature, digest algorithm SHA512This is what you would use Shift-Control-V for, to verify some text that you had placed in TextEdit, and then highlighted with Command-A. Because the signature verifies, I cannot disavow having written that message -- good thing there's nothing incriminating in it.