export single UID of a key
Jason Harris
jharris@widomaker.com
Tue Apr 8 19:48:02 2003
--rJwd6BRFiFCcLxzm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Apr 08, 2003 at 04:11:28AM +0200, Michael Nahrath wrote:
> The second is the way I want to go. Currently I use basically those steps:
>=20
> gpg --recv-key $KEYID
> # START loop:=20
> # repeat until only 1 UID left
> gpg --default-cert-check-level 3 --edit-key $KEYID uid 1 sign save
> gpg -a --export $KEYID \
> | gpg -a -e -r $KEYID \
> | mail -b $MY_MAIL -s "your signed key" `gpg --list-key $KEYID \
> | grep "@" | cut -d "<" -f2 | cut -d ">" -f 1 | head -1`
> gpg --edit-key $KEYID uid 1 deluid save
> # END loop
> gpg --delete-key $KEYID
> gpg --recv-key $KEYID
I hope you are checking the fingerprints after each keyserver fetch.
I would think it would be easier to sign all the userids at once=20
(one keyserver fetch, one fp check, one passphrase entry) and remove=20
all but one userid before sending the signed key to that address.
Have you looked into running RobotCA manually to assist in this process?
See key 0xC521097E and http://www.toehold.com/robotca/ .
> I have the feeling: There must be a better way to do this!
>=20
> Something like=20
>=20
> 1. Sign the full key
> 2. Export only one UID of the key
Deleting the userids will have to suffice since I don't believe you
can selectively export userids.
--=20
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web: http://jharris.cjb.net/
--rJwd6BRFiFCcLxzm
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+kwuYSypIl9OdoOMRAtyYAKCMYFv2mHTZk1nLKNcAxRJFS9RThQCgkNS0
teaB6IpL2RZR+eM/+57lEVk=
=D2Jy
-----END PGP SIGNATURE-----
--rJwd6BRFiFCcLxzm--