Seeking clarification with a few GPG concepts

pzeudo at pzeudo at
Wed Aug 13 14:54:40 CEST 2014

Hi, and thanks again for your answer.

I have the feeling I may have formulated my question badly.
I do know that data that has been out in the open cannot be made forgotten. What I wanted to ask was this, basically:
Assume I generate a completely new gpg key and play around with it. Say I add some UIDs and some subordinate keys, and then remove a subset of those. Only after having done all this, I upload this key's public info, for the first time, to a keyserver and tell you about it. Could you now, from this one snapshot, tell which UIDs and subkeys I added and then deleted again?
I tried playing with list-packets and pgpdump, and to me it looks like no such information is available, but then again, I'm not familiar with the inner workings of gpg.


On 8/13/2014 at 2:30 PM, "Peter Lebbing" <peter at> wrote:
>On 13/08/14 13:30, pzeudo at wrote:
>> How much history is saved in a gpg key?
>Pretty much everything. You can edit what you give others to your
>heart's content, but old data will still linger in a lot of places 
>can recombine with your new data. Keyservers in particular never 
>any data out (I think), but only add new data to the existing data.
>Similarly, unless explicitly instructed, GnuPG will keep old 
>and uid's and stuff around.
>> Can other people see the full history of what I did in the 
>They usually can, especially if the key is on the keyserver 
>> what would I have to do to see what's saved?
>The most information is given by a command like:
>$ gpg2 --export KEYID | gpg2 --list-packets
>There might be switches to be even more verbose, but this already 
>all old signatures and stuff.
>You might want to import your own key from the keyserver to see 
>you have deleted locally.
>But in general, assume that anything you send out will be uploaded 
>someone to the keyserver, and stay there indefinitely.
>I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
>You can send me encrypted mail if you want some privacy.
>My key is available at <

More information about the Gnupg-users mailing list