Refreshing private key

gnupgpacker gnupgpacker at on.yourweb.de
Fri Dec 19 09:09:32 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,
is there is a need keeping old key id, you can generate new subkeys for A/S/E, keeping the old 2048bit certification key C only for offline signing.

Keystructure:
Mainkey with old ID 2048bit
- - Subkey A 8096bit
- - Subkey S 8096bit (beware of this, long signature...)
- - Subkey E 8096bit

Old subkeys can be deactivated/revoked or not, GPG will use latest keys generated.

Generating keys > 4096bit can be done with GnuPG-Pack up to 50176bit (RSA) with some additional features:
http://home.arcor.de/rose-indorf/

Beware of compatibility with standard gpg installations!
Security advantage isn't as great as it seems to be...

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> -----Original Message-----
> Sent: Thursday, December 18, 2014 11:52 AM
> My current key is 2048 bits in length and I
> would like to have something that is closer to 8192 bits in length. Is
> there a way that I can accomplish this without revoking my key so that I
> can keep the same public key id? Any preferred RTFMing you can point me
> to?

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJUk908AAoJEMMs0SrWTTEmRz4P/i8iJYKz5ta0145WEH3E64A5
mzVkN/7YI9mXapYp/7YzQAYq583P8kKoubCQorvyXYOI2RnehsThw/lRSvU3KId7
u+iqxdPOMT10tWzBSjIObxNZiw5DEV733Y8uI+I0CVSAiVYlvEEPY2j76SMngwWQ
XkcJUW2oOagnJSfK8IKJ3es+N72JHh7ZHJQYTj1iV+SKJN83Y+RdP4XcSJiHjLsu
hWeim3h19gYg/Kt9SQDIaJj94ucP2b9QADdZjQEx0yYUdZMpswa0Velq69LwWKi9
PUkR47R9PdJbfo0AeCfXmVY4kto2gkUNvgbFWcAko7CTVY+fJyIrFl/4MaDi/vo9
oNLNmhdUUHbXaxVQaAAuR+yK0aQu6C+hHWTzlKdmhGgPPQxcFLBmiLplv+Q36qmI
JHd5j2On6uzJ1s3WtvxcOr9Hs1f54q0LpkK6X4bMj91/PY9DLzNLXTOSGpq2ICsm
H++zQC3Nz1Ap8CIY5bsuZJpjZgpeIBPL2QMvmg53DpozSb2PAL4quCeNDRcluFjc
7ReOQ7BHUbXTN2EBSlhA/oBPr8eFh/qdLBN+9toR+7eX4ScFIauwegOxVjj+Eq00
9HSJBOTI7KS+MRarnkMoKP3CG4HjbiVpUIRUEI86O+pY0SkjgtDPVDyxh4uRkuJe
uxhLHOtkSF3qCL07P0h7
=iVQV
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list