diff --git a/app/models/person.rb b/app/models/person.rb
index d299b35fc..82e7e4f9b 100644
--- a/app/models/person.rb
+++ b/app/models/person.rb
@@ -26,7 +26,7 @@ class Person
   
   validates_true_for :url, :logic => lambda { self.url_unique?}
 
-  after_destroy :remove_all_traces
+  after_destroy :remove_all_traces, :remove_key
 
   scope :friends,  where(:_type => "Person", :active => true)
 
@@ -66,6 +66,9 @@ class Person
     Comment.delete_all(:person_id => self.id)
   end
 
-
+  def remove_key
+    ctx = GPGME::Ctx.new
+    ctx.delete_key(key)
+  end
 
  end
diff --git a/app/models/post.rb b/app/models/post.rb
index c29c9510b..c6ce1fb5f 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -47,8 +47,11 @@ class Post
   key :owner_signature, String
   def verify_signature
     return false unless owner_signature && person.key_fingerprint
-    GPGME.verify(owner_signature){ |signature|
-      return signature.validity == GPGME::VALIDITY_FULL
+    
+    GPGME::verify(owner_signature, {:always_trust => true}){ |signature|
+      return signature.status == GPGME::GPG_ERR_NO_ERROR &&
+        #signature.to_s.include?("Good signature from ") &&
+        signature.fpr == person.key_fingerprint
       #validity = validity && person.key_fingerprint == signature.fpr
     }
     #validity = validity && (signed_text == to_xml.to_s)
@@ -56,7 +59,8 @@ class Post
   protected
   def sign_if_mine
     if self.person == User.first
-      self.owner_signature = GPGME::sign(to_xml.to_s,nil,{:armor=> true}) 
+      self.owner_signature = GPGME::sign(to_xml.to_s,nil,{
+        :armor=> true, :mode => GPGME::SIG_MODE_DETACH}) 
     end
   end
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 1e7aa4bd7..0c1f2c599 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -60,6 +60,7 @@ class User < Person
       friend_request.activate_friend
       friend_request.destroy
     else
+      GPGME.import(friend_request.exported_key)
       friend_request.person.save
       friend_request.save
     end
diff --git a/gpg/diaspora-test/pubring.gpg b/gpg/diaspora-test/pubring.gpg
index 721861b75..58a5cbaac 100644
Binary files a/gpg/diaspora-test/pubring.gpg and b/gpg/diaspora-test/pubring.gpg differ
diff --git a/gpg/diaspora-test/trustdb.gpg b/gpg/diaspora-test/trustdb.gpg
index 400230545..b0d16300f 100644
Binary files a/gpg/diaspora-test/trustdb.gpg and b/gpg/diaspora-test/trustdb.gpg differ
diff --git a/spec/fixtures/msg.xml.clear.asc b/spec/fixtures/msg.xml.clear.asc
new file mode 100644
index 000000000..e80a6a26f
--- /dev/null
+++ b/spec/fixtures/msg.xml.clear.asc
@@ -0,0 +1,24 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+<status_message>
+  <message>jimmy's 1 whales</message>
+  <_id>4c3b7cf9312f91367f000004</_id>
+  <person>
+    <email>bob1@aol.com</email>
+    <url>http://www.example.com/</url>
+    <_id>4c3b7c64312f913664000005</_id>
+    <key_fingerprint>0264242496D4B585297BF236BEEFE6DEBE3407AA</key_fingerprint>
+    <profile>
+      <first_name>Bob</first_name>
+      <last_name>Smith</last_name>
+    </profile>
+  </person>
+</status_message>
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iEYEARECAAYFAkw7qBYACgkQ5hWCpTN+yRI3uwCgj4RhakQQP9K3Lu7fkHYydcEB
+J30AnjQZjwY7e1VBkYp6NmL3z2039s5R
+=ifDI
+-----END PGP SIGNATURE-----
diff --git a/spec/fixtures/msg.xml.detached.asc b/spec/fixtures/msg.xml.detached.asc
new file mode 100644
index 000000000..1f3dbcc21
--- /dev/null
+++ b/spec/fixtures/msg.xml.detached.asc
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iEYEABECAAYFAkw7p+YACgkQ5hWCpTN+yRIrHgCghpIwNtqODBwaEjL6duFNcTKv
++XYAoKWvcAz76dmAvD71QkTue5F67cq8
+=jIOx
+-----END PGP SIGNATURE-----
diff --git a/spec/fixtures/msg.xml.normal.asc b/spec/fixtures/msg.xml.normal.asc
new file mode 100644
index 000000000..90949d2ff
--- /dev/null
+++ b/spec/fixtures/msg.xml.normal.asc
@@ -0,0 +1,13 @@
+-----BEGIN PGP MESSAGE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+owGbwMvMwCT4TLRpqXHdSSHGtYxbkthzi9P1KnJzfKyXH7cpLkksKS2Oz00tLk5M
+T7XjUlCwgbGzMnNzK9WLFQwVyjMSc1KLbfSRVcVnptiZJBsnmSenWRobGqVZGhqb
+macZgICJjT5IFqSqILWoOD8PxARyUnMTM3PskvKTDB0S83P0kvNzbfQhYhD50qIc
+u4ySkgIrff3y8nK91IrE3IKcVJA6fRt9kCREGcJmMxOYzWYmYJtN4TYD1WWnVsan
+ZealpxYVFGXmldgZGJmZGAGhpZmLiZOphamRpbmTm5GxmZOrq5urmYurk6uxiYG5
+o6ONPrpOiHkFRflpmTmpEB6Qn5ZZVFwSn5eYm2rnlJ9ko4/EhynJSYSJBOdmlmTY
+6CMEIGbqIxkK5EBDy0YfLVo63FgYBJkY2FiZQJHGwMUpAIvRzhkMC04tX8j8bv3T
+QpXm+waPDzQ0HT38p45hntLiCTerfep5uNpMLHWWW75e9vqqAwA=
+=k+0d
+-----END PGP MESSAGE-----
diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb
index 574a78592..75630ee32 100644
--- a/spec/user_encryption_spec.rb
+++ b/spec/user_encryption_spec.rb
@@ -13,6 +13,7 @@ describe 'user encryption' do
     @u.send(:assign_key)
     @u.save
   end
+
 #  after :all do
     #gpgdir = File.expand_path("../../db/gpg-#{Rails.env}", __FILE__)
     #ctx = GPGME::Ctx.new
@@ -20,6 +21,17 @@ describe 'user encryption' do
     #keys.each{|k| ctx.delete_key(k, true)}
   #end
   
+  it 'should remove the key from the keyring on person destroy' do
+    person = Factory.create :person
+    keyid = person.key_fingerprint
+    original_key = person.export_key
+    GPGME.list_keys(keyid).count.should be 1
+    person.destroy
+    GPGME.list_keys(keyid).count.should be 0
+    GPGME.import(original_key)
+    GPGME.list_keys(keyid).count.should be 1
+  end
+
   it 'should have a key fingerprint' do
     @u.key_fingerprint.should_not be nil
   end
@@ -65,14 +77,34 @@ describe 'user encryption' do
     end
     
     it 'should not be able to verify a message from a person without a key' do 
-      person = Factory.create(:person)
+      person = Factory.create(:person, :key_fingerprint => "123")
       message = Factory.create(:status_message, :person => person)
       message.verify_signature.should be false
     end
     
-    it 'should know if the signature is from the wrong person' do
-      pending
+    it 'should verify a remote signature' do 
+      person = Factory.create(:person, :key_fingerprint => GPGME.list_keys("Ilya").first.subkeys.first.fpr)
+      message = Factory.create(:status_message, :person => person,
+                               :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read)
+                              # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.detached.asc").read)
+                              # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.clear.asc").read)
+
+      message.verify_signature.should be true
     end
     
+    it 'should know if the signature is from the wrong person' do
+      person = Factory.create(:person, :key_fingerprint => GPGME.list_keys("Ilya").first.subkeys.first.fpr)
+      message = Factory.create(:status_message, :person => person,
+                               :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.normal.asc").read)
+                              # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.detached.asc").read)
+                              # :owner_signature => File.open(File.dirname(__FILE__) + "/fixtures/msg.xml.clear.asc").read)
+
+      message.person = @u
+      message.verify_signature.should be false
+    end
+   
+    it 'should know if the signature is for the wrong text' do
+      pending
+    end
   end
 end