Seeking clarification with a few GPG concepts
peter at digitalbrains.com
Wed Aug 13 14:29:49 CEST 2014
On 13/08/14 13:30, pzeudo at hushmail.com wrote:
> How much history is saved in a gpg key?
Pretty much everything. You can edit what you give others to your
heart's content, but old data will still linger in a lot of places and
can recombine with your new data. Keyservers in particular never throw
any data out (I think), but only add new data to the existing data.
Similarly, unless explicitly instructed, GnuPG will keep old signatures
and uid's and stuff around.
> Can other people see the full history of what I did in the meantime
They usually can, especially if the key is on the keyserver network.
> what would I have to do to see what's saved?
The most information is given by a command like:
$ gpg2 --export KEYID | gpg2 --list-packets
There might be switches to be even more verbose, but this already shows
all old signatures and stuff.
You might want to import your own key from the keyserver to see anything
you have deleted locally.
But in general, assume that anything you send out will be uploaded by
someone to the keyserver, and stay there indefinitely.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users