Migrating keys
Neil Williams
linux at codehelp.co.uk
Tue Nov 25 19:49:53 CET 2003
On Monday 24 Nov 2003 10:49 pm, Jens Kubieziel wrote:
> Hi,
>
> I'm planning to migrate to a newly generated key (0x38CB4232). Currently I
> have lots of signatures on my recent key (0xEE0977E8). Therefore I'm
> planning to write all signees a signed and encrypted mail requesting a
> signature on my new key. Because they verified my old key, I, through
> signing with my old key, assure that the new key also belongs to me.
>
> Do you think that behaviour is appropriate or do I have an error in
> reasoning?
I've thought about that before and I've put a page on the DCLUG website that
outlines what I hope is a decent method. Now's as good a time as any to ask
if others think it'll work!
http://www.dclug.org.uk/linux_doc/gnupgsign.html#transfer
Can I transfer signatures to a new key?
If a key that has not been compromised needs to be revoked (or is due to
expire soon), it is possible to transfer signatures onto a new key by sending
encrypted details to each signatory, provided you still have the passphrase.
1. Send an email warning / reminder about the imminent replacement of the key
(signed with the old key because that's the key that people will recognise)
to each signatory.
2. Ask each signatory to send a SIGNED and encrypted reply to the OLD key
containing some quote / random text. It's important that the reply is signed
so that you can trust the quote / random text.
3. Sign each key with your new key as the emails come in and make sure that
all the recipient keys are updated on keyservers.
4. Send an encrypted reply to each signatory, including the appropriate quote
/ random text and the fingerprint of the new key and make sure that the reply
email is signed with your NEW key. Don't revoke signatures made using the old
key - they are still valid as long as the old key has not been compromised.
5. Recipients can update their own keys from keyservers, verify that the new
key signature is on their own key and check the fingerprint of your new key.
Recipients can also revoke their signatures on your old key at this point.
Many recipients would then be willing to sign the new key as there has been
an encrypted transfer of data requiring both of the secret keys involved to
be available to you alone.
6. Once you've sent out all the replies to signatories, you can revoke the old
key (or just let it expire). Don't delete it from your keyring or you'll lose
the ability to read encrypted emails sent to you before the new key was
generated.
I'll update the page if there are omissions.
I've used the method once with someone I know very well and it was our
discussions that raised the idea for the page. I'd appreciate comments on how
it'll work for signatories who are not in continued, regular, contact -
people you met at expos etc.
--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
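The six-step transfer described in the post, run end to end as an added example that is not part of the original message or of the DCLUG page: it assumes a GnuPG 2.1 or later `gpg` on PATH, uses constructed keys, addresses and challenge text in throwaway GNUPGHOME directories, and lets export/import stand in for the keyserver.

```shell
#!/bin/sh
# Added example (not from the post): runs the six-step transfer end to end with
# gpg in two throwaway GNUPGHOME directories. Keys, addresses and the challenge
# text are constructed here; export/import stands in for the keyserver.
set -eu
WORK=$(mktemp -d); ME="$WORK/me"; SIG="$WORK/sig"; mkdir -m 700 "$ME" "$SIG"
trap 'gpgconf --homedir "$ME" --kill gpg-agent; gpgconf --homedir "$SIG" --kill gpg-agent; rm -rf "$WORK"' EXIT
G() { h=$1; shift; gpg --homedir "$h" --batch --yes --quiet --pinentry-mode loopback \
        --passphrase '' --trust-model always "$@"; }
fpr() { G "$1" --list-keys --with-colons "$2" | awk -F: '$1=="fpr"{print $10; exit}'; }

G "$ME"  --quick-gen-key 'Owner OLD <old@example.invalid>' default default never
G "$ME"  --quick-gen-key 'Owner NEW <new@example.invalid>' default default never
G "$SIG" --quick-gen-key 'Signatory <sig@example.invalid>' default default never
OLD=$(fpr "$ME" old@example.invalid); NEW=$(fpr "$ME" new@example.invalid)
SG=$(fpr "$SIG" sig@example.invalid)
G "$ME" --export "$OLD" "$NEW" | G "$SIG" --import 2>/dev/null
G "$SIG" --export "$SG" | G "$ME" --import 2>/dev/null
G "$SIG" --quick-sign-key "$OLD"      # the signatory certified OLD at some earlier signing

# Step 1: warning signed with OLD, the key the signatory already recognises
echo "Key $OLD will be replaced soon" | G "$ME" -u "$OLD" --clearsign >"$WORK/warn.asc"
G "$SIG" --verify "$WORK/warn.asc" 2>/dev/null
# Step 2: signatory answers with random text, SIGNED and encrypted to OLD
NONCE=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
printf '%s\n' "$NONCE" | G "$SIG" -u "$SG" -r "$OLD" --sign --encrypt --armor >"$WORK/chal.asc"
# Owner decrypts with OLD and accepts the text only if the signatory's signature is valid
RECV=$(G "$ME" --status-fd 3 --decrypt "$WORK/chal.asc" 3>"$WORK/st1" 2>/dev/null)
grep -q "VALIDSIG.*$SG" "$WORK/st1"
# Step 3: certify the signatory's key with NEW and publish the updated key
G "$ME" -u "$NEW" --quick-sign-key "$SG"
G "$ME" --export "$SG" | G "$SIG" --import 2>/dev/null
# Step 4: reply encrypted to the signatory, quoting the text, signed with NEW
printf 'quote: %s\nnew key: %s\n' "$RECV" "$NEW" |
    G "$ME" -u "$NEW" -r "$SG" --sign --encrypt --armor >"$WORK/reply.asc"

# Step 5, signatory side: succeeds only if the reply proves use of BOTH secret keys
signatory_checks() {
    body=$(G "$SIG" --status-fd 3 --decrypt "$WORK/reply.asc" 3>"$WORK/st2" 2>/dev/null)
    signer=$(awk '/VALIDSIG/{print $NF; exit}' "$WORK/st2")  # primary fpr of signing key
    claimed=$(printf '%s\n' "$body" | awk '/^new key: /{print $3}')
    printf '%s\n' "$body" | grep -q "^quote: $NONCE\$" || return 1  # quote came back: OLD used
    [ -n "$signer" ] && [ "$signer" = "$claimed" ] || return 1    # reply signed by NEW itself
    newid=$(printf '%s' "$NEW" | tail -c 16)                 # v4 key id = last 16 hex of fpr
    # NEW's certification must now be on the signatory's own key (sig line, field 5 = key id)
    G "$SIG" --list-sigs --with-colons "$SG" |
        awk -F: -v id="$newid" '$1=="sig" && $5==id {f=1} END {exit !f}'
}
signatory_checks && echo "transfer verified; the signatory can now sign $NEW"
```

The quote proves the old secret key was available to decrypt it, the signature on the reply proves the new secret key was available, and the fingerprint in the body is only trusted because it matches the key that made that signature.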