Creating a new Identity

Juan Miguel Navarro Martínez juanmi.3000 at gmail.com
Thu May 14 22:51:25 CEST 2015


Alfredo Palhares:
> - I use a password manager[3] to store my passwords and share them across
>   devices, since they would be two separate keys, I would need to encrypt for two
>   separate key IDs, right?
> 

I don't understand what you are trying to say here.

Alfredo Palhares:
> - How do you store your master GPG key offline ?
> 

Store it in a Smartcard, like Yubikey, an air-gapped computer or a CD or
USB, then you can import the secret key back to your PC if you need to
sign keys, then delete it afterwards.

Alfredo Palhares:
> - Coming from another email and GPG what would be the best method to prove I am
>   the person that used masterkorp at masterkorp.net email and X key id ?
> 

Why not just use the same old master key, just add the new UID
(alfredo at palhares.me) and revoke, if you want to, the old UID
(masterkorp at masterkorp.net)?

If you want to really transition from key to key, you can sign the new
key with the old key. And if you know of people that use GPG and follow
the news from you (on your blog, website), you can make a key transition
statement[1][2][3] signed by both the old and new GPG keys.

I created a script[4] to make an unsigned transition statement, you are
free to look at the code and see if there is something bad or wrong with
it, you are also free to modify it as well.

[1] http://vincent.bernat.im/en/blog/2012-gpg-transition-new-key.html
[2] http://www.itais.net/key-transition-2014-12-12.txt
[3] http://blog.josefsson.org/2014/06/23/openpgp-key-transition-statement/
[4] https://paste.debian.net/177153/
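
The key-to-key transition described in the message above, as an added example that is not part of the original post and is not the script linked at [4]: it builds an unsigned transition statement from two full fingerprints and lists the gpg commands for certifying and dual-signing as comments. The statement wording, the file name key-transition.txt and the function names are assumptions.

```bash
#!/usr/bin/env bash
# Added example: writes an UNSIGNED key transition statement to stdout.
# The statement wording and file name key-transition.txt are assumptions.

# Normalise a fingerprint: drop spaces, uppercase, require 40 hex digits
# (a full v4 fingerprint; short or long key IDs are rejected).
norm_fpr() {
  local f
  f=$(printf '%s' "$1" | tr -d ' ' | tr 'abcdef' 'ABCDEF')
  [ "${#f}" -eq 40 ] || return 1
  [ -z "$(printf '%s' "$f" | tr -d '0123456789ABCDEF')" ] || return 1
  printf '%s\n' "$f"
}

# make_statement OLD_FPR NEW_FPR "Name": print the statement text.
make_statement() {
  local old new name
  name=$3
  old=$(norm_fpr "$1") || { echo "old key: need a full fingerprint" >&2; return 2; }
  new=$(norm_fpr "$2") || { echo "new key: need a full fingerprint" >&2; return 2; }
  [ "$old" != "$new" ] || { echo "old and new key are identical" >&2; return 3; }
  cat <<EOF
OpenPGP key transition statement for $name
Date: $(date -u +%Y-%m-%d)

I am replacing my old OpenPGP key with a new one.

  Old key fingerprint: $old
  New key fingerprint: $new

This statement is clearsigned by both keys. Check it with:

  gpg --verify key-transition.txt.asc

If you certified the old key, please compare the new fingerprint with
me over another channel before certifying the new key.
EOF
}

# Run by hand where the secret keys live (not executed by this script):
#   gpg --default-key OLD_FPR --sign-key NEW_FPR      # old key certifies new key
#   gpg --local-user OLD_FPR --local-user NEW_FPR --clearsign key-transition.txt
if [ "$#" -eq 3 ]; then
  make_statement "$1" "$2" "$3"
fi
```

Redirect the output to key-transition.txt and review it before signing; anyone verifying the signed file needs both public keys to see both signatures as good.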


