Re: Best practices for obtaining a new GPG certificate

Werner Koch via Gnupg-users Thu, 18 Mar 2021 07:22:13 -0700

On Thu, 18 Mar 2021 00:06, David Mehler said:

> My existing GPG certificate is going to expire in less than a month.
> I'd like to know current best practices for obtaining a new one? In


Do you really want a new one?  Usually it is easier to prolong your key.
By default a new key has an expire data so that unused keys and those
with forgotten passphrase will eventually expire.  In general you just run

  gpg --quick-set-expire FINGERPRING EXPIREDATE

Expire dat may be something like 5y for 5 years or an explicit date like
2024-12-31.

Here is an example

  $ gpg -K A94A6DF8CDF934DB2BF98A46254A558A7E6D52D8

  sec   ed25519 2021-03-15 [SC] [expires: 2023-03-15]
        A94A6DF8CDF934DB2BF98A46254A558A7E6D52D8
  uid           [ unknown] f...@example.de
  ssb   cv25519 2021-03-15 [E]
        989ABB95E888956DBD5D7F66C376233B98457556
  
  $ gpg --quick-set-expire A94A6DF8CDF934DB2BF98A46254A558A7E6D52D8 4y


  $ gpg -K A94A6DF8CDF934DB2BF98A46254A558A7E6D52D8
  
  sec   ed25519 2021-03-15 [SC] [expires: 2025-03-17]
        A94A6DF8CDF934DB2BF98A46254A558A7E6D52D8
  uid           [ unknown] f...@example.de
  ssb   cv25519 2021-03-15 [E]
        989ABB95E888956DBD5D7F66C376233B98457556


Send the public key then to your peers, keyserver, web key directory, or
wherever. 


Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Best practices for obtaining a new GPG certificate

Reply via email to