[Jelle de Jong] Re: how can i backsign old keys with a smartcard system

Jelle de Jong jelledejong at powercraft.nl
Fri Jul 18 20:03:54 CEST 2008


Werner Koch wrote:
> [Jelle asked me to forward his mail]

thank you Werner (I had a little pebkac :-p)

> 
> Subject:
> Re: how can i backsign old keys with a smartcard system
> From:
> Jelle de Jong <jelledejong at powercraft.nl>
> Date:
> Fri, 18 Jul 2008 18:15:51 +0200
> To:
> Werner Koch <wk at gnupg.org>
> 
> To:
> Werner Koch <wk at gnupg.org>
> 
> 
> Werner Koch wrote:
>> On Fri, 18 Jul 2008 15:09, jelledejong at powercraft.nl said:
>>
>>> I tried searching the internet but found no solutions only this:
>>> https://bugs.g10code.com/gnupg/issue673
>>
>> Right, you hit this case.
>>
>>> The question now is, how can i backsig my old keys with my smartcard
>>> system to solve the cross-certification workaround?
>>
>> You need to do this on a system where the real key is available.  The
>> error message indicates that the actual secret key is not available but
>> replaced by a dummy stub (protection mode 1001).  This has nothing to do
>> with a smart card stub (protection mode 1002).
>>
>>
>> Salam-Shalom,
>>
>>    Werner
> 
> Thanks you again for the good information.
> 
> I imported my real security keys and did a cross-certify and uploaded 
> the keys to your preferred server. When will the key server sync?
> 
> gpg --edit-key 6F63E479
> Command> cross-certify
> Command> quit
> gpg --keyserver keys.gnupg.net --send-keys 6F63E479
> 
> Because the keys are so imported, I ask a lot and experiment little I 
> hope this is a bid understandable.
> 
> I removed my ~/.gnupg/ folder and restored my original key system and 
> notisched the cross-certify issue was back agian. Then I updated my keys 
> with Enigmail agianst the keys.gnupg.net server and this updated my keys 
> and the cross-certify issues was gone again.
> 
> I would like to know how I should backup this new altered keys? What 
> keys are changed by the cross-certify command and how should I update my 
> orignal keys.
> 
> I have two original files secring.gpg and pubring.gpg
> 
> I hope you can help me,
> 
> Thanks in advance,
> 
> Jelle



More information about the Gnupg-users mailing list