Importing and using non-self-signed PGP keys
konrad.schwarz at siemens.com
Mon Oct 26 09:20:14 CET 2015
> -----Original Message-----
> From: MFPA [mailto:2014-667rhzu3dc-lists-groups at riseup.net]
> Sent: Montag, 19. Oktober 2015 23:56
> To: Schwarz, Konrad on GnuPG-Users
> Cc: Schwarz, Konrad
> Subject: Re: Importing and using non-self-signed PGP keys
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> On Monday 19 October 2015 at 9:10:17 AM, in
> <mid:A45B1767F1002449A37508C2CC6003D71A00D5 at DEFTHW99EJ1MSX.ww902.siemen
> Schwarz, Konrad wrote:
> > my organization issued to me a public/private PGP keypair that is not
> > self signed.
> Just out of curiosity, do you know what they used to create the key? I
> thought all current openPGP applications for quite a few years have
> automatically self-signed keys they generate.
No, I don't know. Various messages generated by GPG indicate PGP 2.x keys. The message digest is MD5, which GPG warns about.
What I have found out is that the key is signed by my organization -- although I don't know how to display that in GPG.
> > How can I self-sign the new uid in GPG
> But a quick web search showed me  which says:-
Your google-fu certainly outclasses mine!
> create a new UserID for the key in question
> sign your old UserID with the same key
> delete the new UserID
Amazingly (considering the time I had invested beforehand), this works.
More information about the Gnupg-users