On Wed, Oct 27, 1999 at 11:27:08AM -0700, Aaron Van Couwenberghe wrote:
> > Use gnupg :)
>
> OK. That makes sense. However, I have just one problem with doing so...
>
> I have two keys, one GPG and one PGP. My PGP key just recently got resubmitted
> to the keyring-maint with a signature; my GPG key is entire untrusted. If I
> switch to GPG, how can I force it to sign with my PGP key rather than my GPG
> key? Or, if you're using GPG and already have a trusted PGP key, is it
> really necessary to switch to a GPG key?
I have two keys as well, the reason for the dpkg-buildpackage -k patch,
among other things. Attached is my .muttrc and my .gnupg/options. This
should clear up how to do things in mutt at least.
> And, can you put RSA keys (PGP) directly into your GPG pubring/secring? It
> would make sense, I've just never tried before...
Yes, easily---though I tend to leave my pgp key on a pgp ring since gpg
can cope. Make sure you sign your gpg key with your old pgp key. This
will at least show enough trust to get it into the keyring. From then on
use it for signing everything and ask people to place their sigs on it.
Anytime you meet a new developer (or an old one not on your list) you
should have them sign the gpg key, not the pgp one. (Or you can have them
sign both if you don't intend to retire your pgp key eventually as I plan
to do..)
This thread is timely, I just changed my sig to not reference my RSA key
and everything. =>
--
- Joseph Carter GnuPG public key: 1024D/DCF9DAB3, 2048g/3F9C2A43
- knghtbrd@debian.org 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3
--------------------------------------------------------------------------
<Overfiend> Don't come crying to me about your "30 minute compiles"!! I
have to build X uphill both ways! In the snow! With bare
feet! And we didn't have compilers! We had to translate the
C code to mnemonics OURSELVES!
<Overfiend> And I was 18 before we even had assemblers!
Attachment:
pgpj5UM8cYeaI.pgp
Description: PGP signature