Updating signature cert-level

Doug Barton dougb at dougbarton.us
Tue Apr 26 22:12:00 CEST 2011


On 04/26/2011 13:06, Aaron Toponce wrote:
> I signed a key, of which defaulted to cert-level 0 (I will not answer),
> which must be the default. When signing the key, GunPG didn't ask me about
> any checking. However, I would like to update the cert-level to 2 (I have
> done casual checking), but I'm unaware of how to do this. Do I need to
> revoke my signature, and re-sign, seeing as though GnuPG won't let my sign
> the key if I've already signed it?

I think you can delsig, then sign again. The keyservers would have both, 
but hopefully client software (like gpg) would be smart enough to use 
the more recent? I would imagine that revoking a signature and then 
signing again would make it worse instead of better?

Meanwhile, add ask-cert-level to your gpg.conf.


hth,

Doug

-- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/




More information about the Gnupg-users mailing list