Long Term Key Management With Hardware Tokens

Andrew Gallagher andrewg at andrewg.com
Tue Jun 22 11:13:52 CEST 2021

On 22/06/2021 07:47, Brandon Anderson via Gnupg-users wrote:
>> If you know the recipient, then solving the latter is easy. Ask the 
>> recipient
>> to resend the message encrypted with your new key.
> In my setup, when something is sent, only the encrypted mail is sent to 

> my sent folder, so if I were asked as you suggest, I would have no way 
> to send the letter without rewriting it; I assume this is true for 
> others as well. But even so, if it's old mail, the request may be 
> impossible.

For the benefit of the archives, it is possible to encrypt outgoing 
emails to your own key as well as the recipient's key, which ensures 
that the sent-mail folder is readable by the sender. Most email clients 
will do so by default (e.g. mutt, thunderbird/enigmail), and in most 
such clients all you need to do to re-encrypt to the recipient's new 
subkey is "Edit" -> "Send" or similar. So in the general case this is a 
reasonable request, although it cannot be relied upon (of course).

Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210622/a3dedd26/attachment.sig>

More information about the Gnupg-users mailing list