GPG Key Photo Removal

Neil Williams linux at codehelp.co.uk
Sun Feb 1 00:47:42 CET 2004 

On Saturday 31 Jan 2004 6:05 pm, Steve Wolfe wrote:
> I've just started toying with GPG, and added a small picture to my
> key.  It seems though that this is preventing the keyservers from
> accepting my key as valid.  I was hoping that there is a way to remove
> this photo from my key without having to revoke it alltogether.

To get the key onto these keyservers (minus photo), I would use KGpg which has 
a nice feature to export a key without the photo UID. The block exported can 
then be put into any keyserver www interface. I can't remember the gpg 
command to do the same thing from the command line. (Send me your public key 
and I'll do it for you, if you don't have KGpg.)

To get the key onto keyservers that support photos, change your keyserver to 
hkp://sks.dnsalias.net or others based on SKS. 
www interface: http://sks.dnsalias.net/

You can also delete a uid but that won't remove the evidence from keyservers. 
As you've already sent your key to keyservers that have problems with photo 
UID's you will continue to get mild error reports with your key in the 
future. GnuPG will construct a valid key and it's not a huge problem. Look at 
ways of adding a comment to GnuPG signatures, email headers or email 
signatures that says 'this key has been corrupted by some keyservers, the 
complete key is available at http://www.somesite 

You can also revoke any secondary UID independent of the key itself. Edit the 
key in gpg and revoke the self-signature.

http://www.gnupg.org/gph/en/manual.html#AEN305
The OpenPGP specification does not support user ID revocation, but a user ID 
can effectively be revoked by revoking the self-signature on the user ID. For 
the security reasons described previously, correspondents will not trust a 
user ID with no valid self-signature.

You would still need to send the key to some keyservers without the revoked 
UID.

-- 

Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/

http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
Url : /pipermail/attachments/20040201/9a947435/attachment.bin

More information about the Gnupg-users mailing list