use long gpg ids instant of short gpg ids
https://www.torproject.org/docs/verifying-signatures.html.en
Gpg short ids are not safe. http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html
Instant of
gpg.exe --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x63FEE659
suggest
gpg --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 8738A680B84B3031A630F2DB416F061063FEE659
I suppose people who do this, know copy and paste.
This stops anyone from posting a key to the keyserver with the same short id 0x63FEE659.