best practice for handing over the private key

Simon Ward simon+gnupg at
Sun Aug 4 15:13:01 CEST 2013

On Fri, Aug 02, 2013 at 04:31:24PM +0300, Martin T wrote:
> > Your description sounds, to me, as if you are only generating a key for the other persons use.
> Not quite. At the beginning I need to use those keys myself in order
> to create the needed database objects. Once those are done, I need to
> hand over the private key to other person. So basically I'm generating
> a key pair for other persons use which I need to use myself at the
> beginning.

RIPE objects can have multiple maintainers. Add a MNTNER object for
yourself, authenticating with your own key. Create any other objects you
need, and a MNTNER object for the other person, adding their public key.
Add mnt-by field for the other person to the objects you created. You
or the other maintainer should be able to then remove you as a
maintainer of these objects.

MNTNER objects can also have multiple authentication methods. You can,
for example, use both a PGP key and a password. I assume you can add
multiple PGP keys.

Simon Ward
A complex system that works is invariably found to have evolved from a
simple system that works.—John Gall

More information about the Gnupg-users mailing list