On Mon 2018-09-24 01:09:25 +0100, Andrew Luke Nesbit wrote: > This is using the contents of `~/.gnupg/private-keys-v1.d/` as an API. > If this is *not* part of the API, then what *is* the official > recommendation for generating subkeys?
The part of those pages about "generating subkeys" does use the GnuPG
API.
So I think the question you're asking is "what is the official
recommendation for deleting the cryptographic secret associated with the
master key?"
I agree that it would be nice if there was a clear, supported API for
doing that. I suspect it would be something like:
gpg-connect-agent "delete_key $KEYGRIP" /bye
(and you probably want to get the keygrip via
gpg --with-colons --with-keygrip $FINGERPRINT
)
This clearly isn't a usable situation for most users, so it's primarily
important to document it so that more usable tools can be written that
know how to safely interact with GnuPG under the hood.
--dkg
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
