The Master Keys

PuTTY

E.2.4 The Master Keys

The Master Key signs almost nothing. Its purpose is to bind the other keys together and certify that they are all owned by the same people and part of the same integrated setup. The only signatures produced by the Master Key, ever, should be the signatures on the other keys.

The Master Key is especially long, and its private key and passphrase are stored with special care.

We have collected some third-party signatures on the Master Key, in order to increase the chances that you can find a suitable trust path to them.

We have uploaded our various keys to public keyservers, so that even if you don't know any of the people who have signed our keys, you can still be reasonably confident that an attacker would find it hard to substitute fake keys on all the public keyservers at once.