Webs of Trust and key signing parties
We mentioned uploading your key to a public key server earlier. If you have someone’s public key, then you know that only the holder of the associated private key can read any encrypted messages you send them.
The trouble is, unless you conducted the key exchange in person, there is no guarantee that the public key belongs to the person you think it does; it could well belong to an imposter. Thus it makes sense to advertise your key as widely as possible: put it on several keyservers, your website, your email signature. Conversely, do a background check before trusting a random public key. All of those things could potentially be hacked, though, so there’s another way. If you have met someone in person, or are otherwise sure of the authenticity of their public key, then you can sign it.
This relation can be built up to establish a decentralised structure known as a web of trust. Over time, people will see whose keys you have signed, and if they trust you then they ought to transitively trust those keys.
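The transitive step can be made concrete with a small model. The following is an added example, not code from the original article: it computes which keys one person would accept as authentic from a graph of signatures. The names, the sample graph and the thresholds (one fully trusted signer or three marginally trusted ones, five hops at most) are assumptions chosen to resemble common OpenPGP defaults.

```python
# Added example: a simplified web-of-trust validity calculation.
# All names, the sample graph and the thresholds are constructed assumptions.
FULL, MARGINAL = "full", "marginal"


def valid_keys(me, signatures, owner_trust, max_depth=5,
               fulls_needed=1, marginals_needed=3):
    """Return {key: depth} for keys that count as authentic from `me`'s view.

    signatures:  {signer: set of keys that signer has signed}
    owner_trust: {owner: FULL | MARGINAL}, how far `me` trusts that owner
                 to check identities before signing. Unlisted owners: none.
    """
    trust = {**owner_trust, me: FULL}
    valid = {me: 0}
    for depth in range(1, max_depth + 1):
        tally = {}
        # A signature counts only if the signing key is already valid
        # AND its owner is trusted to certify other people's keys.
        for signer in valid:
            level = trust.get(signer)
            if level is None:
                continue
            for target in signatures.get(signer, ()):
                if target not in valid:
                    tally.setdefault(target, {FULL: 0, MARGINAL: 0})[level] += 1
        newly = [k for k, n in tally.items()
                 if n[FULL] >= fulls_needed or n[MARGINAL] >= marginals_needed]
        if not newly:
            break
        valid.update({k: depth for k in newly})
    return valid


# Constructed sample: alice met bob, carol, heidi, ivan and judy in person.
SIGNATURES = {
    "alice": {"bob", "carol", "heidi", "ivan", "judy"},
    "bob": {"dave"},              # bob is fully trusted, so dave is accepted
    "carol": {"erin"},            # carol's key is valid, but she has no owner trust
    "heidi": {"kim", "leo"},
    "ivan": {"kim", "leo"},
    "judy": {"kim"},              # kim gets three marginal signatures, leo only two
    "mallory": {"bob-impostor"},  # nobody alice trusts has signed mallory's key
}
OWNER_TRUST = {"bob": FULL, "heidi": MARGINAL, "ivan": MARGINAL, "judy": MARGINAL}

if __name__ == "__main__":
    for key, depth in sorted(valid_keys("alice", SIGNATURES, OWNER_TRUST).items()):
        print(f"{key}: valid at depth {depth}")
```

Note that signing carol's key makes her key valid without making her a trusted signer, so erin's key is not accepted, and the imposter key signed only by mallory never enters the result.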
In order to get things started it’s common to hold a key signing party, where participants – amidst other revelry – meet in person, verify photo IDs and sign keys and certificates. A fictional key signing party occurs in Cory Doctorow’s novel on a California beach – where will you host yours?