Restructure Keys.
Ingo Klöcker
kloecker at kde.org
Wed Jun 5 21:43:16 CEST 2024
On Mittwoch, 5. Juni 2024 19:06:54 CEST Raghav Gururajan via Gnupg-users
wrote:
> How do I restructure my keys from current/old setup to new setup?
>
> Current/Old Setup:
> PrimaryKey - CS
> SubKey - E
>
> New Setup:
> PrimaryKey - C
> SubKey1 - E
> Subkey2 - S
>
> I think of two options.
>
> Option 1:
> Create new SubKey with E-only and change usage of PrimaryKey to C-only.
Just create a new S-only subkey. There's no need to remove the S capability
from the primary key because the signing key is only used by yourself and you
know that you want to use the subkey for signing.
> The major caveat is I'll have to update the fingerprint of signing key
> at multiple places.
Not really. At least not for gpg because gpg will automatically use the newest
signing (sub)key for signing data (unless you specified the signing key with
trailing exclamation mark).
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240605/9bc8ca70/attachment.sig>
More information about the Gnupg-users
mailing list