Removing old preferences from exported key

David Shaw dshaw at
Mon Apr 7 15:16:36 CEST 2014

On Apr 7, 2014, at 2:06 AM, Johan Wevers <johanw at> wrote:

> Hallo,
> I changed the preferences for my gpg key to add the new Camelia ciphers
> and move IDEA more backward as I got problems with people with old pgp
> keys using old gnupg versions claiming they supported it but actually
> didn't support it.
> However, when I export the key it now contains both preference
> signatures. I did export it with
> export-options export-clean-sigs export-clean-uids
> in gpg.conf.
> How do I export it removing the first preference signature?

When you change preferences you add another selfsig for your user ID that contains the new preferences.  If you want to make the old preferences go away completely, you can simply delete the old selfsig via delsig (you only need one selfsig, and the newer one is already present).  However, this won't necessarily do what you want - since keyservers are strictly additive, even if you delete the old selfsig, when you upload to a keyserver, any keyserver that has seen the key with the old selfsig will put it back.  Similarly, if someone had your key with the old selfsig, sending them the new preference will cause them to have both.

Luckily in practice, this isn't a problem - most implementations will ignore the old selfsig/preference in favor of the newer one.


More information about the Gnupg-users mailing list