Seeking clarification with a few GPG concepts

Peter Lebbing peter at
Wed Aug 13 14:29:49 CEST 2014

On 13/08/14 13:30, pzeudo at wrote:
> How much history is saved in a gpg key?

Pretty much everything. You can edit what you give others to your
heart's content, but old data will still linger in a lot of places and
can recombine with your new data. Keyservers in particular never throw
any data out (I think), but only add new data to the existing data.

Similarly, unless explicitly instructed, GnuPG will keep old signatures
and uid's and stuff around.

> Can other people see the full history of what I did in the meantime

They usually can, especially if the key is on the keyserver network.

> what would I have to do to see what's saved?

The most information is given by a command like:
$ gpg2 --export KEYID | gpg2 --list-packets

There might be switches to be even more verbose, but this already shows
all old signatures and stuff.

You might want to import your own key from the keyserver to see anything
you have deleted locally.

But in general, assume that anything you send out will be uploaded by
someone to the keyserver, and stay there indefinitely.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list