editing User ID

David Shaw dshaw at jabberwocky.com
Thu Apr 17 18:13:30 CEST 2008


On Thu, Apr 17, 2008 at 10:18:03AM -0500, rick wrote:
> In setting up a user I managed to fat finger the email address.
> The pgp documentation shows how to edit the user information using the -ke 
> (key edit) flag, but I am unable to find a similar capability in gpg.  I 
> thought that possibly I could remove the user id, then recreate the user 
> with the corrected email address but I was unsure if I could retain the 
> ability to decrypt existing files.
>
> Is it possible to edit the user information in pgp?  Can someone point me 
> to the applicable documentation for this item?

You can't really edit user information.  The reason is that the
information is "bound" to the key with a self-signature - editing the
user ID info would cause that signature to become invalid.  This is
for reasons of self integrity, as you wouldn't want an attacker to be
able to edit your user ID information.

The way to do what you want is to add a new user ID, with the correct
information (gpg --edit-key then "adduid"), then remove the old
incorrect UID.  There are two ways to remove that:

  gpg --edit-key then "deluid".

If you haven't sent the key to anyone, then this is safe.  It deletes
the bad user ID completely and that is that.

If you have sent the key to anyone (and that includes the keyserver),
the best you can do is revoke the user ID, which tags it with a flag
to indicate it should not be used:

  gpg --edit-key then "revuid".

David
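
Why an edited user ID invalidates the self-signature, as an added example that is not part of the original message: it builds the data a V4 user ID certification hashes (RFC 4880, section 5.2.4) and shows that changing one character of the user ID changes the signed digest. The key body, names and addresses are constructed sample values, and comparing digests stands in for the public-key signature check a real verifier performs.

```python
import hashlib
import struct

# Constructed sample data (assumption): a stand-in for a V4 public-key packet
# body. A real one carries version, creation time, algorithm and key material.
KEY_BODY = bytes([4]) + struct.pack(">I", 1208448000) + bytes([1]) + b"\x00" * 32
TYPO_UID = b"Rick Example <rick@exmaple.org>"   # the user ID that was self-signed
FIXED_UID = b"Rick Example <rick@example.org>"  # the same user ID edited in place


def hashed_sig_fields(sig_type=0x13, pubkey_algo=1, hash_algo=8, created=1208448000):
    """Hashed portion of a V4 signature packet with one creation-time subpacket.

    0x13 = positive certification, 1 = RSA, 8 = SHA-256.
    """
    subpackets = bytes([5, 2]) + struct.pack(">I", created)  # length 5, type 2
    header = bytes([4, sig_type, pubkey_algo, hash_algo])
    return header + struct.pack(">H", len(subpackets)) + subpackets


def certification_digest(key_body, user_id, sig_fields):
    """Digest that a V4 certification signature over (key, user ID) signs."""
    h = hashlib.sha256()
    h.update(b"\x99" + struct.pack(">H", len(key_body)) + key_body)  # key
    h.update(b"\xb4" + struct.pack(">I", len(user_id)) + user_id)    # user ID
    h.update(sig_fields)                                             # sig data
    h.update(b"\x04\xff" + struct.pack(">I", len(sig_fields)))       # trailer
    return h.digest()


def binding_still_valid(key_body, signed_uid, presented_uid):
    """True only if the presented user ID hashes to what was self-signed."""
    fields = hashed_sig_fields()
    signed = certification_digest(key_body, signed_uid, fields)
    presented = certification_digest(key_body, presented_uid, fields)
    return signed == presented


if __name__ == "__main__":
    print("unchanged UID:", binding_still_valid(KEY_BODY, TYPO_UID, TYPO_UID))
    print("edited UID:   ", binding_still_valid(KEY_BODY, TYPO_UID, FIXED_UID))
```

Because the old self-signature can never cover the corrected text, the corrected address has to arrive as a new user ID with its own self-signature, which is what "adduid" creates.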


