-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 William A. Rowe, Jr. wrote: > Jukka Zitting wrote: >> Hi, >> >> On Tue, Aug 11, 2009 at 4:09 PM, Rich Bowen<[email protected]> wrote: >>> Is it possible to regenerate my gpg key without losing all the signatures on >>> my existing key? >> To bootstrap the new key, you could sign it with your old key. >> >> Not sure if that should be enough for others to trust that it came >> from you even without a F2F keysigning party.
for the moment, yes once 1024 bit keys become generally untrusted, no this is the big advantage of a measure transition: having to purge your only key when DSA is conclusively broken will be a PITA > Signed with Ultimate trust, it should be enough. You can have multiple > private keys in place so enigmail and other programs will still decrypt > all of your artifacts. But you should have people sign the new key (and > we can do so, trusting that you-were-you, and your new key has ultimate > trust from the key we already signed). > > E.g. my old key is still valid, not yet revoked, but used far too often for > far too many artifacts. So I rolled a 10 year (you might want it to be > forever) master key, and just roll some one or two year encryption and > signing keys to use for 'a while'. > > The nice bit, people sign your master key. You sign your subordinate > keys for various purposes, creating new ones whenever you want. So no > more need to get new keys signed. this is the setup i'm using ATM - - robert -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJKgr0pAAoJEHl6NpRAqILLQewP/jEaNbFJ3M9MjzSfKir0N1T/ qKLDPkO+tfU6tkq/ywr2j10QJkTm4G23AUMiEMHA0AMmg8mz0QhPb+WiuVxMm+9S Sl0mgbhtn/ZOKd9SrctksDqThq3N03we+OtIkSJ5WJkjqxl8umkZhSaIyJWluFrs a8JVLrmYLs4niUAtJ2o5QJZbWHrf5W0QRCtx5Kh7g/PtXuooNYNphh8OBty4N56y mzv3QwmILlaoiMxwYW/UOBH4Jq7lzpIF+xC3Eqh8Pa+KXd2034nW/3lQnqi5aEbj 81iT3BYWrADIszurr2xvOnbDNrTxnhSCT1aXFFhAPpRBumrvvudtTOL2FHmLbqOu 36AztnlGIyAO+ho48AEybx1GuSLO/BkBaeiWTGrkEtv4gZiSvWwWooFjp/gbYpIJ +gwWiBuUH3FBdAN7YAb7il4bH9L/Iip0hxWtDhq63FM6qlKgKoiDB/fG0h7Gl5M8 MFozOk8GBMF5sJJvmEfcqC691am5rHYO5KWYBuiEl2Bc9BJQC/rdwwggk2o8V9uP n1bw4jwrwR9YsO9aLEHgNiCAh0xq1MD57HbeFNLstBy9HtQto8VAisHh6rF8qPYA 0+RwdnSBiKaJMiMPzOrts/XEC41CMb3FqLWHrMUp9Y8cY6qSaGrWFcZHLdsKireg hL6yTDt0cgiSqUbi4JZm =1Zsv -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
