Keys not trusted

David Shaw dshaw@jabberwocky.com
Fri May 16 03:54:39 2003


--X1bOJ3K7DJ5YkBrT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, May 10, 2003 at 10:27:47AM +0200, Adrian 'Dagurashibanipal' von Bid=
der wrote:
> On Friday 09 May 2003 19:24, darren chamberlain wrote:
> > * Graham <graham.todd at ntlworld.com> [2003-05-09 13:17]:
>=20
> [keyring maintenance]
>=20
> > How do you know which keys you don't need?  Do you simply eyeball the
> > userids and delete the ones you don't recognize, or is there a more
> > efficient way?  I currently have over 300 public keys on my keyring (I
> > also have the auto-retrieve option set), and I'm very sure I don't need
> > most of those, but how can I tell which ones I actually need?
>=20
> Yo!
>=20
> 300 keys sounds about right :-)
>=20
> I have a little script that just presents me with 5 random keys. I
> then delete those where I don't recognize the name (either from
> mailing lists, or privately) - I do this more or less weekly
> (sometimes less). It's far from perfect, but I don't want to go
> through the whole keyring. Of course I occasionally delete a key
> that is then downloaded again when I read mail, but as those aren't
> people I know, I don't think this is a problem.

Another trick that you can use is to have more than one public
keyring.  Some people have one keyring that contains the keys they
know personally or have signed, and a larger keyring that
auto-key-retrieve imports into.  Then, they can just quickly blast
through the larger automatic keyring every now and then without
accidentally losing an important key.

David

--X1bOJ3K7DJ5YkBrT
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+xAFl4mZch0nhy8kRAqJaAJ9B3LopjjhJVm0J3YlBKYlZrFQGeACg4yxr
q/boHfXO8EmA8psHHwTmE78=
=EOwO
-----END PGP SIGNATURE-----

--X1bOJ3K7DJ5YkBrT--