Local-signing without (offline) private master key

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Mon Sep 12 12:58:08 CEST 2016

On 09/12/2016 11:04 AM, André Colomb wrote:
> What is the recommended practice if I only want to verify message
> integrity, but don't have the master key with Certify ability available?

I'd suggest creating another primary key for explicit local
certification purposes you never use anywhere else, and can rotate that
as often as wanted to start fresh from time to time.

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
Public OpenPGP certificate at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Veni vidi velcro
I came, I saw, I got stuck

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160912/e6cc1aed/attachment.sig>

More information about the Gnupg-users mailing list