[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: When to update public key?

On Thu, May 5, 2011 at 11:16 PM, Jonathan McDowell <noodles@earth.li> wrote:
> On Thu, May 05, 2011 at 10:25:27PM -0400, Andres Mejia wrote:
>> This is an earlier message I sent but to the wrong mailing list.
>> I want to update my outdated public key signed by one DD (it's a 1024D
>> key). I already have a new key (4096R key) signed by at least one
>> other DD (not the same DD). I've signed my new key with my old key.
>> Would this technically count as signatures from 2 DDs?
> No. The DDs sign different keys.
>> Also, I'm still in the NM process. Should I wait until I complete the
>> NM process or can I update my key now?
> keyring-maint prefer that either you replace the key before doing NM, or
> after it's complete and you're a DD, rather than as part of the process.
> (It's much easier to move an existing key from the DM keyring to the DD
> keyring than if we have to remove a key from the DM keyring and add a
> different one to the DD keyring.)
> J.
> --
>                                            xmpp:noodles@earth.li
> To understand recursion, we must first
>                                            understand recursion.
> Version: GnuPG v1.4.10 (GNU/Linux)
> XH7/IilTvrF/fU6+q1hQNEFCt2MFwI8ro6OfDTzfEl5QrTyo7qHCJ5w/c0J4dJ7L
> /LoiiA3T5iy89X7+MpTEhc0iFp68ef+GV9u5Kq/NVNjw0CtPQTFDaaSfr0pKq6tn
> urCFO0mUfQ8iOFDV1GrkhJc79mzuWJW406o+8tXUVQYdABEggJG9s6zxFkoiqbUA
> JHLiSDMkNdvloaNUF3S2fD3A+k/vwWWHz4+B6EsUL8Rp55AyErrXhRXNTPFE3dKS
> SmTmufJrRNvluzQSShQXMvVLv1rvJ6/JSz4lIG/EMD00EsCE+96lScZMzy8wAELL
> vKv4CtVxLid9b6vmOCC+S3BkSjREEcA8g1n0iWUxbJdh4n/jP5boCko5ylynS+FZ
> bnrk3FnGUfexLqJi3Jdw+hOZOrV/Xv02r4DVkO5X2bbsg05BWoOxAZ3zv02nwdKm
> 0Oylokhagawf7FwqbMiLUrp8zbyBYZEmTyvuztxem+YU2ODLwHQscI69EOXyIGkb
> YtzRnz4vHwhyqJV5JYmdwXEfcH6Gk3PmbfsRMUMDXfEz4UKtROxs5aduAxJwnM/k
> BeYUkzf1vq9sVxQnJ4N4n+t5s7y674kXdUtHZAkhi295JPc5vTE0NCiBubwF53f2
> NgLRXPDKIqO19nL3eXg8
> =zT1B

Thank you. I did have some concern that my NM application would be
rejected because of my old key. It is a 1024 bit key and it's only
signed by a single person. I saw that someone else had his application
rejected for what looks to be a reason which is similar to my
situation. See [1]. My new key however is 4096 bits and signed by
several people to include one DD. I had trouble convincing these same
people to sign my old key.

Andres Mejia

1. https://nm.debian.org/nmstatus.php?email=stephen_leake%40stephe-leake.org

Reply to: