-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hello,
> This key may be revoked by DSA key 835DE1F5 [?] > pub 1024D/7991C875 created: 2005-01-04 expires: never usage: SC > trust: validity: > sub 2048g/7E97A4F7 created: 2005-01-04 expires: never usage: E > (1). Basar Alabay <[email protected]> > (2) Basar Alabay <[email protected]> > (3) Basar Alabay <[email protected]> > (4) Basar Alabay <[email protected]> > (5) Basar Alabay <[email protected]> Hm, this does not look very actual indeed. My own "gpg --edit-key 7991C875" shows some more addresses and one of these is revoked/deleted. And the > gpg> showpref … is different too, all are set to: Digest: SHA512, SHA384, SHA256, RIPEMD160, SHA1 Komprimierung: BZIP2, ZLIB, ZIP, nicht komprimiert Eigenschaften: MDC, Keyserver no-modify > According to the above information, your signing key is your primary key: > 1024D/7991C875 created: 2005-01-04 expires: never usage: SC > > If I am not wrong, with a 1024 bit DSA key, you cannot use SHA 256, SHA512. Would this mean my digest list above is wrong? > If you want to keep this key (and not generate a new one, {which is not > necessary), you can add a sign only subkey, RSA 2048 bits, that will > give you the possibility of using SHA512. I could also add an RSA 4096 sign only; I could do this with the GPG keychain utility. Now is the question, what would be better, adding such a subkey or revoking? I also wonder if those deleted IDs will pass through the servers or not. If not, I guess I have to revoke them explicitly. But, is it possible to revoke an ID and later to reactivate it? Or would it be to create a new (old) ID with a reused mail address? > As an example, this is how my own key A57A8EFA looks like in Terminal: > =========== > pub 1024D/A57A8EFA created: 2002-02-11 expires: never usage: SCA > trust: ultimate validity: ultimate > sub 2048g/CE3A0945 created: 2002-02-11 expires: never usage: E > sub 2048R/855B83EF created: 2005-11-20 expires: never usage: S > =========== > As you can see, the primary key was generated on February 11, 2002. > The sign only subkey RSA2048 was added on November 20, 2005: > sub 2048R/855B83EF created: 2005-11-20 expires: never usage: S > I am currently using SHA256, enabled in ~/.gnupg/gpg.conf with the > following option: > personal-digest-preferences SHA256 You don't add several mail addresses to that key? Do you have more keys? > If you are interested in adding such a subkey, and configuring your > gpg.conf to use SHA512, please let me know, I'll try to walk you through > the process in Terminal. Thanks. Maybe first to understand these open questions would be the first step. Greets, B. Alabay -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: <http://www.gnupg.org/> iEYEAREDAAYFAk1AtP4ACgkQ6sDC3HmRyHWwVgCfWwZanAjcVPWplbQGUd3vuWfk FR0AoK62uxPrxpAptXeg82y8v1YMIFre =H6if -----END PGP SIGNATURE----- _______________________________________________ gpgtools-users mailing list [email protected] Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/[email protected]?unsub=Unsubscribe&unsubconfirm=1 This email sent to: [email protected]
