key management
Andreas Jellinghaus
aj@dungeon.inka.de
Sun, 26 Sep 1999 16:59:06 +0200
a long time ago i had the email address aj@tricbbs.fn.sub.org.
later i had aj@dungeon.lake.de, and even later i had aj@debian.org.
i started my pgp key with the first email, added new email addresses
to the key, and removed them later, when i no longer had that address.
but old versions of my key are floating around, and most of them still have
the old email addresses included.
now i want to migrate to gnupg. my preferences are:
- there must be a way to get rid of old email addresses. really.
- this could be done with one key per email address. but i don't want
to have everyone subscribe several keys. one signature on one key
should be enough. maybe some master/slave key or so?
i saw the adduid and addkey commands in gnupg, but i'm not sure if they
will do what i want. most important: can i revoke one subkey, but leave the
whole key intact? more exactly, i don't want to revoke a subkey, but a userid.
and the key with all other user ids intact.
any example how people manage their keys would be nice. for example the
use of separate keys for signing and encryption, or master/slave, or
yearly expired key and master key, or whatever you have ...
regards, andreas