[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPG key issue

Hi Francesco,

On Mon, Jan 09, 2012 at 07:39:36AM -0000, Francesco Namuri wrote:
> I hope this is the right place to ask for a advice.

> I have become DD in last days, in all my NM process, and in all my debian
> work I used only my first and last name, my doubt is related to my second
> name. I use it only on official/buroccratic documents.

> Now I've created a new 4096 GPG key, I've specified also my second name (I
> tought that is more correct), my doubt regards this. Maybe it's a problem
> asking for a replacement of my old key? It's better if I recreate a key
> without my second name?

> thanks very much for any advice.

debian-legal is not really the right list for this question; debian-legal is
for discussions of licensing of packages in the archive.  I would suggest
debian-devel as a more appropriate venue for this.

If your intent is to get people who have signed your old key to sign your
new key based on a GPG transition statement, I would recommend that you
include at least one UID on your new key that has the same name as on your
old key.  But you can add multiple UIDs to the key with different full
names, so you can easily have one UID that matches your old key and one with
your full name.

From the standpoint of the Debian keyring, I believe that as long as the
keyring maintainers can clearly map the UIDs on the old key to the new one,
there should be no problem with the update.  For getting signatures on your
new key, that's going to be up to the individual signers to confirm that the
name on the UID matches the name they know for you.

Hope that helps,
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: