OT: Revoking Old Keys... my problem
atom-gpg at suspicious.org
Thu May 6 03:42:28 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 5 May 2004, Neil Williams wrote:
> On Tuesday 04 May 2004 1:48, Bill Turner wrote:
> > 2. Someone had suggested (a few actually) I change my 'gpg comment' to
> > have the essentials (in the sig below) concerning the old key being
> > 'bogus'. I haven't done that yet either. Although with gpgshell I know
> > it does give an option to do that very thing.
> Only by adding another UID - your comment is part of your user identity and
> cannot be changed - same as your email address. You can only add, not modify.
if the key has not yet been circulated, you can add a new UID and then
delete the older one. if the key has been circulated, that would be a
waste of time, since keyservers and keychains will never "forget" the UID
that you want to get rid of, and will always add it to any copy of your
key that they find.
i think if i were in your shoes, i'd have a primary key that just has the
"usual" name, comment and email. then, i'd add a second UID that includes
a BRIEF explanation of the key that is superseded.
> > Secondly, is it possible to change the comment in my gpg key without
> > having to generate a new keypair? If so, should I do that before I
> > generate the revocation cert, afterwards, or does it matter at all?
> Only by editing the key and adding a second UID.
same as above.
PGP key - http://atom.smasher.org/pgp.txt
3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
"Until they become conscious they will never rebel,
and until after they have rebelled they cannot
-- George Orwell
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish? - http://atom.smasher.org/links/#digital_signatures
-----END PGP SIGNATURE-----
More information about the Gnupg-users