See, that's where the problem lays. You're talking to me from a frame of someone who knows about this stuff and thus unintentionally assume I know what 1) pubkey 2) PGP 3) all the other stuff means. 😔
PGP stands for Pretty Good Privacy. It is a system for encrypting and authenticating data.
With PGP, individual users can create key pairs - a private key and a public key. The combination of a private key and some data allows a user to create a signature unique to that data. The combination of that data, the signature, and the original user's public key, allows other users to verify that the signature was created by the owner of the private key.
When the latest version of Electrum is released, the lead developer ThomasV can use his private key to sign it and produce a signature. You, as the end user, then download Electrum and the signature file, and by using his public key can confirm that it was indeed him who signed it.
It is important, therefore, to ensure you are using his real public key, so you know it was definitely him (and not some malicious third party) who produced the wallet software and signature file.
A fingerprint is simply a short string of characters which is unique to a much longer public key, just like a real life fingerprint is a small object which is unique to a much larger object (a person).
Here is another link to ThomasV's PGP key:
http://keys.gnupg.net/pks/lookup?op=vindex&fingerprint=on&search=0x2BD5824B7F9470E6You'll see the same fingerprint at the top of the page as both pooya87 and HCP have quoted. If you click on the hyperlink above the fingerprint, it will take you to the full PGP public key.
