deleting signatures from uids

Stijn Hoop stijn at
Tue Oct 31 14:58:04 CET 2006


I'm almost certain that this is a FAQ but my GoogleFu fails me today so
I turn to the mailing list.

After a reinstall some weeks ago today I "needed" my GPG key again, and
to my horror I forgot to copy it over. Luckily I found an old backup
of my ~/.gnupg and all seemed well after a cleanup of the trust db etc.

However I also wanted to "clean up" my key. It was published on a
keyserver a long while ago (2001) when me and a few friends where
toying around with PGP; I've since used GnuPG once in a while but they
stopped using it, and aren't interested in the web of trust anymore.

On the keyservers, there are therefore lots of signatures on my key
from others that a) are really not useful anymore or b) that I have
never even met (how did those get there!). Fortunately it looks like
I can delete those signatures locally with --edit-key and then using
'delsig'. However I cannot get the keyservers to accept the new key
without the useless signatures; they only seem to add new ones (as
is evident from the multiple self-signatures now present).

In a way I can see why; removing signatures from uids seems like it
should require a passphrase, however it doesn't work that way. I've
also read that it's nearly impossible to remove a key from the
keyservers, however that's also not what I want to do, just update it.

Am I running into a limitation of the public key server
architecture? If so I guess I'll have to live with the crufty
signatures, but if not, what am I doing wrong?



More information about the Gnupg-users mailing list