export single UID of a key

Jason Harris jharris@widomaker.com
Tue Apr 8 19:48:02 2003


--rJwd6BRFiFCcLxzm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Apr 08, 2003 at 04:11:28AM +0200, Michael Nahrath wrote:

> The second is the way I want to go. Currently I use basically those steps:
>=20
> gpg --recv-key $KEYID
> # START loop:=20
> # repeat until only 1 UID left
>     gpg --default-cert-check-level 3 --edit-key $KEYID uid 1 sign save
>     gpg -a --export $KEYID \
>     | gpg -a -e -r $KEYID \
>     | mail -b $MY_MAIL -s "your signed key" `gpg --list-key $KEYID \
>         | grep "@" | cut -d "<" -f2 | cut -d ">" -f 1 | head -1`
>     gpg --edit-key $KEYID uid 1 deluid save
> # END loop
> gpg --delete-key $KEYID
> gpg --recv-key $KEYID

I hope you are checking the fingerprints after each keyserver fetch.

I would think it would be easier to sign all the userids at once=20
(one keyserver fetch, one fp check, one passphrase entry) and remove=20
all but one userid before sending the signed key to that address.

Have you looked into running RobotCA manually to assist in this process?
See key 0xC521097E and http://www.toehold.com/robotca/ .

> I have the feeling: There must be a better way to do this!
>=20
> Something like=20
>=20
> 1. Sign the full key
> 2. Export only one UID of the key

Deleting the userids will have to suffice since I don't believe you
can selectively export userids.

--=20
Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web:  http://jharris.cjb.net/

--rJwd6BRFiFCcLxzm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+kwuYSypIl9OdoOMRAtyYAKCMYFv2mHTZk1nLKNcAxRJFS9RThQCgkNS0
teaB6IpL2RZR+eM/+57lEVk=
=D2Jy
-----END PGP SIGNATURE-----

--rJwd6BRFiFCcLxzm--