Combining Secret Keys
John Clizbe
JPClizbe at tx.rr.com
Tue Dec 11 12:37:35 CET 2007
Brad Tilley wrote:
> OK, thanks for the tip. So, I won't need to change anything publicly?
> Currently, I publish the public keys on a website... nothing to change
> there? To go from three to one, I will import two of the private keys
> into the remaining private key. Is it then OK to delete the individual
> secret keys that I imported? What about revocation certs... are the ones
> I have now OK, or should they be re-generated?
I think you misunderstand. You may import the keys to the same keyring file, but
each public-secret key pair remains a distinct entity.
You cannot merge multiple secret keys into a single key instance. You can only
store them in the same file.
Your existing revocation certs are fine *for each individual key*. If you wish a
public key to no longer be usable, you may import the key's revocation
certificate and publish the revoked key.
If you delete a secret key, you lose its use. You will no longer be able to
decrypt content encrypted to the corresponding public key.
> I apologize for all the questions... just don't wan t to screw this up.
Do not delete any of your secret keys until you understand the principles a bit
better. Your present course will lead you to unwelcome and undesired results.
I'll hazard a guess that you are conflating user IDs with the actual key material.
--
John P. Clizbe Inet: JPClizbe(a) tx DAWT rr DAHT com
Ginger Bear Networks hkp://keyserver.gingerbear.net
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20071211/620ca8bf/attachment-0001.pgp
More information about the Gnupg-users
mailing list