Upgrading keys to larger than 1024

Thomas Harning Jr. harningt at gmail.com
Tue Sep 10 20:22:14 CEST 2013

If you are upgrading, I would recommend contacting those that you
previously had keysigning with and see if the policy they follow
allows for obtaining re-signatures based on prior information.
My key signing policy [1] allows for an "Accelerated Signing" where I
may opt to sign a users' key given certain conditions, such as they
must show control of the prior key and it must not have been revoked
due to compromise, etc...
This was put in due to the understanding that keys should be recycled
on occasion to keep with the times and it isn't always practical to
meet up with everybody you exchanged signatures with.

A better solution, hopefully useful for you, is to contact everybody
you've exchanged signatures and have a grand ol' signing party, but
oftentimes it isn't practical.

1: http://www.eharning.us/gpg/key-signing-policy/

On Tue, Sep 10, 2013 at 12:47 PM, AdamC <kabads at gmail.com> wrote:
> I have keys that I have used (sparingly) since 2004. This is a 1024 keysize.
> That keypair has a few signatures through key signing.
> What is the best approach to upgrading keys to 4096? Is it just create a new
> keypair and then go to lots of key signing events again (pain), or is there
> a way to do this with my current keys?
> Adam
> --
> You back your data up on the same planet?
> PGP key: 0x7111B833
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

Thomas Harning Jr. (http://about.me/harningt)

More information about the Gnupg-users mailing list