Please note that the following instruction is based on GnuPG for Windows (Gpg4Win) version 1.1.3.
1. Download GnuPG for Windows (Gpg4Win) from http://www/gpg4win.org and install it.
2. Place the mouse on the PGP signature file (in this example, masterkey-linux-0.2.iso.md5.asc and right click the mouse button, move down GPGee->Verify/Decrypt and left click the mouse button to select it as shown in Figure 1.
3. You will see a pop-up window complaining that it could not verify because the public key for verifying the signature is missing (see Figure 2). Write down the key id (0xEC0FEA84 in this case).
4. There are two ways to import the public key, one is to import it from a key server and another is to import it from the key file.
· To import a public key from a key server, click Start-> GnuPG for Windows ->WinPT to run Key Manager. Click Keyserver to open the Keyserver Access window, highlight the line of http://pgp.mit.edu , enter the Key ID in the space and press Receive button to receive the key as illustrated in Figure 3, 4.
· To import a public key from a key file (say, mk_public_key.asc), Start-> GnuPG for Windows ->WinPT to run Key Manager. Select Key->Import… and choose the name of the key file (Figure 5), click Open to open the Key Import window and click the Import button to import the key (Figure 6).
Figure 6 5. Repeat Step 2 to verify the signature. This time you should see a pop-up window confirming that the signature is Good as shown in Figure 7.