keysigning: lsign and offline master key
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sun Jan 5 01:38:00 CET 2014
On 01/04/2014 04:41 PM, nb.linux wrote:
> - ...here I'm stuck, because (as I understand the lsign) I cannot export
> the signature...
>
> Is this right?
> How can I lsign a key and transfer the local signature from my air
> gapped system?
> Maybe by copying the keyring files between the systems?
You have at least two approaches available to you:
0) --export-options export-local on your air-gapped system, combined
with --import-options import-local on your "regular" system.
1) create a secret key that lives only on your "regular" system; give
it ultimate ownertrust, but never publish it. Use it to make
non-exportable signatures.
Would either of these workflows meet your goals?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140104/05cd0dda/attachment.sig>
More information about the Gnupg-users
mailing list