Hi, and thanks again for your answer. I have the feeling I may have formulated my question badly. I do know that data that has been out in the open cannot be made forgotten. What I wanted to ask was this, basically: Assume I generate a completely new gpg key and play around with it. Say I add some UIDs and some subordinate keys, and then remove a subset of those. Only after having done all this, I upload this key's public info, for the first time, to a keyserver and tell you about it. Could you now, from this one snapshot, tell which UIDs and subkeys I added and then deleted again? I tried playing with list-packets and pgpdump, and to me it looks like no such information is available, but then again, I'm not familiar with the inner workings of gpg.
Thanks! On 8/13/2014 at 2:30 PM, "Peter Lebbing" <pe...@digitalbrains.com> wrote: > >On 13/08/14 13:30, pze...@hushmail.com wrote: >> How much history is saved in a gpg key? > >Pretty much everything. You can edit what you give others to your >heart's content, but old data will still linger in a lot of places >and >can recombine with your new data. Keyservers in particular never >throw >any data out (I think), but only add new data to the existing data. > >Similarly, unless explicitly instructed, GnuPG will keep old >signatures >and uid's and stuff around. > >> Can other people see the full history of what I did in the >meantime > >They usually can, especially if the key is on the keyserver >network. > >> what would I have to do to see what's saved? > >The most information is given by a command like: >$ gpg2 --export KEYID | gpg2 --list-packets > >There might be switches to be even more verbose, but this already >shows >all old signatures and stuff. > >You might want to import your own key from the keyserver to see >anything >you have deleted locally. > >But in general, assume that anything you send out will be uploaded >by >someone to the keyserver, and stay there indefinitely. > >HTH, > >Peter. > >-- >I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. >You can send me encrypted mail if you want some privacy. >My key is available at <http://digitalbrains.com/2012/openpgp-key- >peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users