Moving subkeys around
Bob Mathews
bobmath@earthlink.net
Thu Nov 21 16:53:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 21 November 2002 06:33, David Shaw wrote:
> On Tue, Nov 19, 2002 at 05:21:04PM -0800, Russell O'Connor wrote:
> > Is it posslbe to move or copy a subkey from one key to another.
>=20
> This is technically possible, but you would have to do it by hand.
> GnuPG comes with "gpgsplit", a program that can handle the packet
> disassembly for you, but you will still need to get a valid
> self-signature on the moved subkey.
GPG will create a new binding signature on a subkey when you change its=20
expiration date, but, for some reason, only if the subkey already has a=20
binding signature on it. The signature doesn't have to be valid, it just =
has=20
to be there, so you can use one from a different subkey of the new master=
=2E Of=20
course, GPG won't import a subkey with an invalid binding, but you can ge=
t=20
around that by writing it directly into the keyring files yourself. I don=
't=20
recommend this procedure for the faint of heart. Make a backup first. Voi=
d=20
where taxed, licensed, or restricted.
-bob mathews
-----BEGIN PGP SIGNATURE-----
iD8DBQE93QJEPgDecCrBEpcRAuwiAJ9CvGkYcw3rWTngcfc10p75LlPhLwCgrBxA
D7R0fRWZdLXoVOadR9NyM08=3D
=3DY45V
-----END PGP SIGNATURE-----