Using subkeys to renew an expiring key

Qed qed at
Tue Aug 29 00:44:20 CEST 2006

Hash: RIPEMD160

On 08/28/2006 10:22 PM, SeidlS at wrote:
> I have two questions regarding how to "renew" this key.
> 1) Is the correct way to renew the key to add another subkey that expires
> in September, 2007, or is there a better way?
This wouldn't renew your master key, you have to change expiration date
with 'expire' command from --edit-key shell.

> 2) If we do add another subkey that expires in September, 2007, how well
> will the two subkeys work together?  It's going to be difficult to get
> everyone to convert to the updated key in the same day, so we won't be able
> to revoke the subkey at the same time we generate the new one.   Another
> way to say this, we may be encrypting a file with the subkey added, while
> one or more organization may be using the old key (without the new subkey)
> and one or more organizations may be using the new key (with the new
> subkey).  Will this work correctly??
Unless you'd specify explicitely to use the old subkey, the most recent
one will be used; you can encrypt the message to both subkeys(if not
- --

War is Peace
Freedom is Slavery
Ignorance is Strength

ICQ UIN: 301825501
OpenPGP key ID: 0x58D14EB3
Key fingerprint: 00B9 3E17 630F F2A7 FF96  DA6B AEE0 EC27 58D1 4EB3
Check fingerprints before trusting a key!
Version: GnuPG v1.4.5 (GNU/Linux)


More information about the Gnupg-users mailing list