on Thu, Nov 09, 2000 at 09:35:56AM -0600, Jorgensen, Jens (jens.jorgensen@tallan.com) wrote: > Adam Shand wrote: > > > > how do i sign my new public key with my old private key? > > > > okay sorry to follow up my own message but i just figured it out. > > sometimes it seems that i have to write down (or explain it to someone > > else) in order to figure it out. > > > > if you need to do this it seems impossible from with in the --edit-key > > menu you need to do it on the command line like this: > > > > # gpg -u old-key-id --sign-key new-key-id > > > > so now my next question is. my old key id is expired but i've used it to > > sign my new key. i don't want people to use my old key. > > > > should i revoke my old key or will that illegitimize it's signature on my > > new key? > > > > should i move the expire date on my old key (and update the keys server)? > > if i do that how do i stop people from using it? > The tools people use for sending you stuff should tell them that the > key is expired. That should encourage them not to use it. If you > revoke your old key that certainly invalidates the signature. > Technically you can't change the expire date. I mean there's nothing > to stop the software from changing the date and regenerating the > signature but the server *should* recognize this and reject such a > change since the old signature includes the expiration date. My understanding is that you *can* change the expiration date, though typically you wouldn't do so after the key had expired. The change can be propogated through public keyservers. Question for the gallery: Is there a good method for checking a local keyring against a public keyserver to find updates and/or additional signatures. The best I can do right now is list the key IDs I've got and do a 'gpg --recv-keys' to update this list. -- Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself Evangelist, Zelerate, Inc. http://www.zelerate.org What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
Attachment:
pgp9wrdSNM_hc.pgp
Description: PGP signature