Re: asymmetry of 'adduid' and 'deluid'
On 24.07.2012 16:58, ved...@nym.hush.com wrote:
> Recently added a uid and deleted a uid to one of my keys.
>
> Found that to add a uid, gnupg asks for the passphrase, but to
> delete a uid, it does not.
>
> (Doesn't really matter much, since the secret key is required for
> both, but was curious if there is any underlying reason why gnupg
> does it this way.)

I'm not sure, but this might be because deleting a uid isn't permanent if you sync the key from a keyserver.

1. Create UID.
2. Push key to keyserver.
3. Delete UID.
4. Get key from keyserver.
5. The deleted UID appears.

You should use the command revuid if you want to revoke a UID.

-- 
Mika Suomalainen

NOTICE! I am on mobile broadband with very limited time, so I cannot read emails very much. The best time to contact me is probably weekends when I have better connectivity with good luck.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: asymmetry of 'adduid' and 'deluid'
On Tue, 24 Jul 2012 15:58, ved...@nym.hush.com said:
> Found that to add a uid, gnupg asks for the passphrase, but to
> delete a uid, it does not.

For “adduid” we need to create a user-id binding signature (self-signature) and thus need the secret key and in turn the passphrase. “deluid” simply removes the user-id, its self-signature, and its key signatures. No need for any crypto operations.

Shalom-Salam,

Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
asymmetry of 'adduid' and 'deluid' // my mistake, sorry ;-(
'Doesn't really matter much, since the secret key is required for both,'

Sorry, my mistake: to remove a uid doesn't require the secret key (probably done this way to make it easier for users to manage their public keyrings).

vedaal
Re: asymmetry of 'adduid' and 'deluid'
On Jul 24, 2012, at 9:58 AM, ved...@nym.hush.com wrote:
> Recently added a uid and deleted a uid to one of my keys.
>
> Found that to add a uid, gnupg asks for the passphrase, but to
> delete a uid, it does not.
>
> (Doesn't really matter much, since the secret key is required for
> both, but was curious if there is any underlying reason why gnupg
> does it this way.)

To add a UID, GnuPG needs to generate a binding signature from the primary key. To generate a signature, we of course need the passphrase. To delete a UID, GnuPG just needs to throw away packets. No signature needed, so no passphrase needed.

Note that to revoke (rather than delete) a UID involves making a signature as well, and will also require a signature.

David
Re: asymmetry of 'adduid' and 'deluid'
On 07/24/2012 09:58 AM, ved...@nym.hush.com wrote:
> Recently added a uid and deleted a uid to one of my keys.
>
> Found that to add a uid, gnupg asks for the passphrase, but to
> delete a uid, it does not.
>
> (Doesn't really matter much, since the secret key is required for
> both, but was curious if there is any underlying reason why gnupg
> does it this way.)

possession of the secret key is not required for deluid, actually.

look at it this way: deluid is just an edit of your local keyring -- it removes a handful of packets (note that if the key is already on the public keyservers or someone else has a copy, they will still have the user ID that you deleted).

adduid, on the other hand, requires the creation of a new cryptographic signature: the self-sig made by the primary key over the user ID. To create this self-sig, gpg needs access to the secret key material for the associated primary key.

make sense?

hth,

--dkg
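
The point made in the replies above (deluid only discards packets from the local copy, so a copy fetched from a keyserver brings the user ID back), as an added Python sketch that is not part of the original thread and is not GnuPG's code. It assumes RFC 4880 packet framing; `deluid`, `refresh`, `pkt`, `uids` and the sample key with its placeholder packet bodies are constructed for illustration, and `refresh` is a simplified model of a keyserver import.

```python
SIG, PUBKEY, USERID = 2, 6, 13            # RFC 4880 packet tags

def packets(data):
    """Split an OpenPGP byte string into (tag, body) pairs."""
    out, i = [], 0
    while i < len(data):
        hdr = data[i]; i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                    # new-format header
            tag, first = hdr & 0x3F, data[i]; i += 1
            if first < 192:
                n = first
            elif first < 224:
                n = ((first - 192) << 8) + data[i] + 192; i += 1
            elif first == 255:
                n = int.from_bytes(data[i:i + 4], "big"); i += 4
            else:
                raise ValueError("partial body lengths not handled")
        else:                             # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = int.from_bytes(data[i:i + (1 << ltype)], "big"); i += 1 << ltype
        out.append((tag, data[i:i + n])); i += n
    return out

def pkt(tag, body):                       # new-format header, one-octet length (body < 192 bytes)
    return bytes([0xC0 | tag, len(body)]) + body

def deluid(key, uid):
    """Drop one User ID packet and the signatures bound to it. No key material is used."""
    kept, skipping = [], False
    for tag, body in packets(key):
        if tag != SIG:                    # a non-signature packet starts a new section
            skipping = (tag == USERID and body == uid)
        if not skipping:
            kept.append(pkt(tag, body))
    return b"".join(kept)

def refresh(local, remote):
    """Simplified keyserver refresh: append remote packets the local copy lacks."""
    have = packets(local)
    return local + b"".join(pkt(t, b) for t, b in packets(remote) if (t, b) not in have)

def uids(key):
    return [body.decode() for tag, body in packets(key) if tag == USERID]
# Constructed sample standing in for the published key; bodies are placeholders.
KEY = (pkt(PUBKEY, b"<primary key>")
       + pkt(USERID, b"Alice <alice@example.org>") + pkt(SIG, b"<self-sig 1>")
       + pkt(USERID, b"Alice <alice@old.example>") + pkt(SIG, b"<self-sig 2>"))
```

Calling `deluid(KEY, b"Alice <alice@old.example>")` and then `refresh(...)` against `KEY` returns the original bytes, which is why the replies recommend revuid: a revocation is itself a signature packet that travels with the key.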
asymmetry of 'adduid' and 'deluid'
Recently added a uid and deleted a uid to one of my keys.

Found that to add a uid, gnupg asks for the passphrase, but to delete a uid, it does not.

(Doesn't really matter much, since the secret key is required for both, but was curious if there is any underlying reason why gnupg does it this way.)

vedaal