Jukka Zitting wrote: > Hi, > > On Tue, Aug 11, 2009 at 4:09 PM, Rich Bowen<[email protected]> wrote: >> Is it possible to regenerate my gpg key without losing all the signatures on >> my existing key? > > To bootstrap the new key, you could sign it with your old key. > > Not sure if that should be enough for others to trust that it came > from you even without a F2F keysigning party.
Signed with Ultimate trust, it should be enough. You can have multiple private keys in place so enigmail and other programs will still decrypt all of your artifacts. But you should have people sign the new key (and we can do so, trusting that you-were-you, and your new key has ultimate trust from the key we already signed). E.g. my old key is still valid, not yet revoked, but used far too often for far too many artifacts. So I rolled a 10 year (you might want it to be forever) master key, and just roll some one or two year encryption and signing keys to use for 'a while'. The nice bit, people sign your master key. You sign your subordinate keys for various purposes, creating new ones whenever you want. So no more need to get new keys signed. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
