How to verify a PGP signature using the non-default keyring

Often you will want to verify a PGP signature on a message or software
package but have a keyring rather than an individual public key. These
instructions are for MS Windows XP:

I. copy the keyring to your user home directory.
   This will be usually C:\Documents and Settings\<your user
   id>\Application Data\GnuPG . There should already be the default
   keyring in this folder but this is also the default location for
   any other keyrings you need to use. 

II. now simply use the option `--keyring' to specify the non-default
keyring you need to use.
    example : gpg --keyring=new-keyring.gpg --verify message.txt.sig
    <message.txt>

The other option often recommended is to download the key from a keyserver
directly. Note that the method above does not import the key into your
default keyring. If you need to use the key frequently it may well be
worth it to import the key rather than specify the non-default keyring
every time. You have to export the key from the non-default keyring
and then import it to your default keyring.


Allan J. Mui AIEEE
5 April 2009