editing User ID

rick rick at ttys0.us
Thu Apr 17 18:21:37 CEST 2008


On Thu, 17 Apr 2008, David Shaw wrote:

:Date: Thu, 17 Apr 2008 12:13:30 -0400
:From: David Shaw <dshaw at jabberwocky.com>
:To: gnupg-users at gnupg.org
:Subject: Re: editing User ID
:
:On Thu, Apr 17, 2008 at 10:18:03AM -0500, rick wrote:
:> In setting up a user I managed to fat finger the email address.
:> The pgp documentation shows how to edit the user information using the -ke 
:> (key edit) flag, but I am unable to find a similar capability in gpg.  I 
:> thought that possibly I could remove the user id, then recreate the user 
:> with the corrected email address but I was unsure if I could retain the 
:> ability to decrypt existing files.
:>
:> Is it possible to edit the user information in pgp?  Can someone point me 
:> to the applicable documentation for this item?
:
:You can't really edit user information.  The reason is that the
:information is "bound" to the key with a self-signature - editing the
:user ID info would cause that signature to become invalid.  This is
:for reasons of self integrity, as you wouldn't want an attacker to be
:able to edit your user ID information.
:
:The way to do what you want is to add a new user ID, with the correct
:information (gpg --edit-key then "adduid"), then remove the old
:incorrect UID.  There are two ways to remove that:
:
:  gpg --edit-key then "deluid".
:
:If you haven't sent the key to anyone, then this is safe.  It deletes
:the bad user ID completely and that is that.
:
:If you have sent the key to anyone (and that includes the keyserver),
:the best you can do is revoke the user ID, which tags it with a flag
:to indicate it should not be used:
:
:  gpg --edit-key then "revuid".


Thanks, I did use the --edit-key - revuid then adduid and recreated the 
user.  Everything seems to check out OK.

Thanks again
rick
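
Added example, not part of the original thread: a Python sketch of why editing a user ID invalidates its self-signature, as David Shaw describes above. It builds the digest that a V4 self-certification signs under RFC 4880 section 5.2.4. The key packet body and both user IDs are constructed placeholders, and the hashed subpacket area is left empty for brevity.

```python
import hashlib
import struct

def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: two-octet bit count, then the bytes."""
    return struct.pack(">H", value.bit_length()) + value.to_bytes((value.bit_length() + 7) // 8, "big")

# Constructed V4 RSA public-key packet body (placeholder modulus, not a real key):
# version 4, creation time, algorithm 1 (RSA), MPI n, MPI e.
CONSTRUCTED_KEY = (b"\x04" + struct.pack(">I", 1208448000) + b"\x01"
                   + mpi(int.from_bytes(b"\xc5" * 128, "big")) + mpi(65537))

TYPO_UID = "Rick Example <rick@exmaple.org>"   # constructed: mistyped address
GOOD_UID = "Rick Example <rick@example.org>"   # constructed: corrected address

def certification_digest(pubkey_body: bytes, user_id: str,
                         hashed_subpackets: bytes = b"") -> bytes:
    """SHA-256 digest covered by a V4 positive certification (type 0x13)."""
    uid = user_id.encode("utf-8")
    h = hashlib.sha256()
    # Key being certified: 0x99, two-octet length, key packet body.
    h.update(b"\x99" + struct.pack(">H", len(pubkey_body)) + pubkey_body)
    # User ID being certified: 0xB4, four-octet length, UID bytes.
    h.update(b"\xb4" + struct.pack(">I", len(uid)) + uid)
    # Hashed signature fields: version 4, type 0x13, RSA (1), SHA-256 (8),
    # then the length-prefixed hashed subpacket area (empty here; a real
    # self-signature carries at least a creation-time subpacket).
    sig_data = (bytes([4, 0x13, 1, 8])
                + struct.pack(">H", len(hashed_subpackets)) + hashed_subpackets)
    h.update(sig_data)
    # V4 trailer: 0x04, 0xFF, four-octet length of the hashed signature data.
    h.update(b"\x04\xff" + struct.pack(">I", len(sig_data)))
    return h.digest()

def uid_edit_invalidates(pubkey_body: bytes, old_uid: str, new_uid: str) -> bool:
    """True if a self-signature made over old_uid cannot cover new_uid."""
    return certification_digest(pubkey_body, old_uid) != certification_digest(pubkey_body, new_uid)

if __name__ == "__main__":
    print("signed digest (typo UID):", certification_digest(CONSTRUCTED_KEY, TYPO_UID).hex())
    print("digest after editing UID:", certification_digest(CONSTRUCTED_KEY, GOOD_UID).hex())
    print("old self-signature invalid:", uid_edit_invalidates(CONSTRUCTED_KEY, TYPO_UID, GOOD_UID))
```

Because the signature is computed over this digest, the corrected address needs a fresh self-signature, which is what "adduid" creates.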



