my gpg key does not conform to rfc4880?

Brian J. Murrell brian at
Thu Oct 10 21:12:35 CEST 2013

On 13-10-10 02:02 PM, Daniel Kahn Gillmor wrote:
> your key 0x9771109462F2B970 appears to be an OpenPGPv4 key, not an
> OpenPGPv3 key, so i'm not sure what the person you were talking to was
> talking about.

Ahh.  Interesting.  I will point that out to him.

> that said, 0x9771109462F2B970 claims to have been generated on
> 1998-02-16, and is a 1024-bit DSA key.  This is a weak key by today's
> standards, and the fact that it has been in use for over 15 years makes
> me think that you should probably generate a new primary key anyway.

Yeah.  I have considered both of those things also.  I guess the only
thing that was holding me back was that the existing key has an
investment in signatures on it though.  What I am unclear about is how
the authenticity and trustibility of my new key will be regarded in
relation to the existing key with all of the signatures on it.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20131010/1a5bfcbc/attachment.sig>

More information about the Gnupg-users mailing list