When a key expires, does it mean that subkeys are also expired?
--
Jorgen Ch. Lysdal / 0x13CA0C06
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I made a key with default settings. Can I delte the encrypting
subkey that has not expiration date and remake one with an
expiration date?
- --
Allen Schultz
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.72
iEYEARECAA
Dear GnuPG
As a user of GPG4Win, is there any explanation in the compendium about
the meaning and use of subkeys (I cannot find anything about that matter
in the The Gpg4win Compendium 3.0.0)
Best regards,
--
Roland Siemons
0xAEEC5E2ED87628F5.asc
Description: application/pgp-keys
Hello !
"Jørgen Lysdal" <[EMAIL PROTECTED]> wrote:
> When a key expires, does it mean that subkeys are also expired?
The key below seems to expire in 2010 while its subkey never expire:
=== Begin Anders Eriksson (0x6D448760) pub.asc ===
-BEGIN PGP PUBLIC KEY BLOCK-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Allen Schultz escribió:
> I made a key with default settings. Can I delte the encrypting
> subkey that has not expiration date and remake one with an
> expiration date?
Yes, but you can also edit the expiration date of the encrypting
subkey, if I
Allen Schultz wrote:
> I made a key with default settings. Can I delte the encrypting
> subkey that has not expiration date and remake one with an
> expiration date?
http://www.gnupg.org/gph/en/manual.html#AEN305
___
Gnupg-users mailing list
Gnupg-users
Faramir wrote:
> Yes, but you can also edit the expiration date of the encrypting
> subkey, if I am not wrong...
Revoking the subkey is the canonical solution here.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/list
On Tue Apr 28 21:48:52 2009, Allen Schultz wrote:
> I made a key with default settings. Can I delte the encrypting
> subkey that has not expiration date and remake one with an
> expiration date?
You may be better off revoking the subkey and adding a new encryption
subkey.
James
--
James P. Ho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
James P. Howard, II wrote:
> On Tue Apr 28 21:48:52 2009, Allen Schultz wrote:
>
>> I made a key with default settings. Can I delte the encrypting
>> subkey that has not expiration date and remake one with an
>> expiration date?
>
> You may be bet
On Apr 28, 2009, at 9:48 PM, Allen Schultz wrote:
I made a key with default settings. Can I delte the encrypting
subkey that has not expiration date and remake one with an
expiration date?
There are many answers to your question. Basically, yes, you could,
but no, you almost certainly don't
m not wrong, he is talking about a brand new subkey he
doesn't want to expire right now, but in one year or so... I think he is
implementing the tutorial about how to store the main keys at a safe
place, and keep the subkeys for daily usage.
Best Regards
-BEGIN PGP SIGNATURE-
Version:
ut how to store the main keys at
a safe
> place, and keep the subkeys for daily usage.
I am still following that. But the tutorial started out with no
Encryption key. I was trying to get the Encryption key to have
an expiration date. If I take my current subkey and edit it and
try to upload the sa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Allen Schultz wrote on 29.04.2009 6:49 Uhr:
> (...) If I take my current subkey and edit it and
> try to upload the same subkey with the new expiration, will the
> server accept an expiration after one is posted for no
> expiration?
Yes. One can eve
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Even better than that, you can CHANGE the expiration date on the
subkey that has no expiration date to anything you like. You can extend
the date out further or cut it short. But, this will effect only your
key, and not the copies of your key that ev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Even better than that, you can CHANGE the expiration date on the
subkey that has no expiration date to anything like. You can extend
the date out further or cut it short. But, this will effect only your
key, and not the copies of your key that every
On Wed, 29 Apr 2009 14:09:52 Faramir wrote:
> I think he is
> implementing the tutorial about how to store the main keys at a safe
> place, and keep the subkeys for daily usage.
Which TUT is that?
Felipe
signature.asc
Description: This is a digitally signed mes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Felipe Alvarez escribió:
> On Wed, 29 Apr 2009 14:09:52 Faramir wrote:
>> I think he is
>> implementing the tutorial about how to store the main keys at a safe
>> place, and keep the subkeys for daily usage.
>
> Which T
On Thu, 30 Apr 2009 02:45:45 Faramir wrote:
> By the way, I saw your message is signed, but I couldn't locate a
copy
> of your public key...
Sorry about that. My comment below should contain the URL for the
key. I
still new to this, and weary about uploading my public key on
keyservers.
Last
ed to it." bad
idea, no TB for me thanks)
- Original Message -
From: "Faramir"
To: "Felipe Alvarez"
Sent: Thursday, April 30, 2009 10:47 AM
Subject: Re: Subkeys...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Felipe Alvarez escribió:
Sorry about that. My
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
felipe alvarez escribió:
> Somewhat humourously, my public key is now up on all the public key
> servers! I guess I'll have to live with all that spam .. .. ..
Well, it was predictable soon or later somebody was going to upload it
without your con
Hi,
I've found this guide:
http://atom.smasher.org/gpg/gpg-migrate.txt
but it doesn't seem to work anymore. I know that migrating subkeys is a
bit of hocus-pocus, but is it still supposed to work? I get stuck at
trying to generate new (correct) binding signatures for the subkeys. I
don
Hi Roland,
I don't know if you have some specific questions but the Debian wiki
page about Subkeys is nice: https://wiki.debian.org/Subkeys
tl;dr version is primary/subkey setup lets you have your primary key
completely offline and use subkeys for daily work. If something bad
happens to a s
Hi,
i have a keyring which contains a master key for certification and 3 sub keys,
one for encryption, one for sign and the third one for authentication.
So my question is which key should i upload to a key server. I mean should i
upload the master key id via `gpg —send-key ` / `gpg —send-key
`
I've setup subkeys for my Open PGP v2.0 smartcard. However, I seem to
be unclear about how/what configuration options should be used in
gpg.conf (ie encrypt-to, hidden-encrypt-to, default-recipient, etc).
So far I've reference the how-to on gnupg.org and we.riseup.net
http://www
I have been searching the mail archives for a while but have not yet found
any discussion related to the situation I have. I'm new to GnuPG and data
encryption in general so if some of my ideas or thoughts go completely
against common sense then.
Anyway here is my situation. I have about 300 r
Hi!
I'm new to GnuPG and have 2 questions regarding key signing I didn't find
answers for in the documentation:
1) Somebody signs my public key, and this "new version" containing that
additional signature is uploaded to a keyserver. (Am I right so far?)
How do others that already had my public
reated: 2008-01-30 expires: never<--
ssb 1024R/44EDC121 created: 2008-01-30 expires: never<--
sub 2048R/C0AD5BE4 created: 2008-01-30 expires: never
i.e. I have two orphaned secret subkeys. How can I delete them? And does
their presence matter at all (because, although
Is it possible to have 2 active subkeys?
ie say an ecc and an ElGamal for encryption?
--
Werewolf
=- http://www.nyx.net/~mdkeith/ -
GPG key 0xF52A14B4 with following fingerprint
35CD 0611 2F71 BC17 5C53 29A2 5F5A 4309 F52A 14B4
=- http://spandex31095.tripod.com
I understand this is a bit old, but I believe the concept is still current:
http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2507429
Essentially, can anyone confirm why it is recommended to only store
subkeys on a smart card?
a) is it because of the risk that the card
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So my old subkeys are about to expire so I created some new ones at
home and exported them with --export-secret-subkeys. When I try to
import them at work, gpg just says I already have that key and stops.
Why isn't it merging the new subkey
I am trying to understand the man page with regards to secret subkey exports.
--export-secret-subkeys
Same as --export, but exports the secret keys instead. The
exported keys are written to STDOUT or to the file given with option --output.
This command is often
You can either upload the whole public set or none of it, you can't or
at least I know of no way of uploading only the public part of the subkeys.
As for the keyserver, I recommend sks-keyservers.net[1], either
hkp://pool.sks-keyservers.net or hkps://hkps.pool.sks-keyservers.net
which you
> You can either upload the whole public set or none of it, you can't or
> at least I know of no way of uploading only the public part of the sub keys.
As far as i know it is possible to upload a sub key via the id of the sub key
ending with the exclamation mark `!`.
I mean does it make sense to
s of a primary key and optional ant
number of subkeys. The transfer format does only allow sending of
entire OpenPGP key(block)s.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
___
Gnupg-users mailing list
Gnupg
>
> You may use this notation to force the use of this subkey. However, an
> OpenPGP key(block) always consists of a primary key and optional ant
> number of subkeys.
Ok.
> The transfer format does only allow sending of
> entire OpenPGP key(block)s.
>
Ok, thx. This
On Mon 2015-09-14 04:07:20 -0400, Marko Bauhardt wrote:
> [ Werner wrote: ]
>> You may use this notation to force the use of this subkey. However,
>> an OpenPGP key(block) always consists of a primary key and optional
>> ant number of subkeys.
>
> Ok.
>
>>
>
> a Transferable Public Key (aka "keyblock" and "OpenPGP certificate") is
> defined here:
>
> https://tools.ietf.org/html/rfc4880#section-11.1
Thx,
this is what i searched for.
Marko
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lis
Hello,
is it possible today (if not: how big would the chanhes to gpg or the OpenPGP
standard have to be) to sign not only the main key and UIDs but also subkeys?
I just had a discussion about the advantages of OpenPGP and S/MIME. This seems
to be one of the few properties of X.509 which
hi,
if I transfer my smartcard to an new host I can run
gpg2 --card-edit
fetch
to import my public key from a keyserver. But if done so gnupg doesn't
recognize the private subkeys stored on the smartcard. How do I tell gnupg
where it should look for the private subkeys?
signatur
If I have more than one signing subkey in my keypair, is there a way of
advertising the purpose of each subkey with the public key that people
download? Eg:
This subkey is for signing email only
This subkey is for signing sourcecode only
I've considered generating an entirely separate keypair and
On Mon, Mar 21, 2005 at 01:28:30PM -0600, Grimes, Dean wrote:
> Is this possible to do with GnuPG? It wise to do something like this? Is
> there anyone else besides me who has this situation or one similar? If so,
> how did you/they solve the problem? Any help would be greatly appreciated.
There
Of David Shaw
Sent: Monday, March 21, 2005 1:40 PM
To: gnupg-users@gnupg.org
Subject: Re: Multiple Subkeys/UIDs
On Mon, Mar 21, 2005 at 01:28:30PM -0600, Grimes, Dean wrote:
> Is this possible to do with GnuPG? It wise to do something like this? Is
> there anyone else besides me who has thi
On Mon, Mar 21, 2005 at 04:25:07PM -0600, Grimes, Dean wrote:
> >You mention that all data enters the central location encrypted, but is
> then decrypted ("for processing") and then re-encrypted.
>
> The processing script would most likely decrypt the file piping the output
> into the processing p
;persons key. Your local policy and setup will need to be written in
>such a way that this person cannot make their own copy of the file
>while reading it.
I like the idea of a check out system. This would eliminate the need to
create individual subkeys altogether. I could even use CVS
the master key for signing.
Not necessarily true. You can use a subkey for signing if you like.
In this usage, the master key is only used for signing other keys
(whether your own subkeys or other peoples keys).
> Now, if someone signs my master key, how will this be reflected on
> the subkey? D
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On Thu, 31 Jan 2008 02:37:10 +0100
Nikola Lečić <[EMAIL PROTECTED]> wrote:
> I wasn't aware that one had to 'save' a key immediately after deleting
> a subkey (using delkey) in order to replace that subkey with a new one
> (using addkey). Now I
On Wed, 2008-02-20 at 23:22 +0100, Nikola Lečić wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: RIPEMD160
>
> On Thu, 31 Jan 2008 02:37:10 +0100
> Nikola Lečić <[EMAIL PROTECTED]> wrote:
>
> > I wasn't aware that one had to 'save' a key immediately after deleting
> > a subkey (using delkey)
command "toggle" first.
Command>
> That's what you did in public keyring but there is two keyring one
> public and one secret. You could have run "gpg --delete-keys" and "gpg
> --delete-secret-keys" too.
I understood that delete{,-secret}-keys
On Fri, 2008-02-22 at 04:37 +0100, Nikola Lečić wrote:
> Sebastien, thank you for the reply.
>
> That's exactly why I asked: I can't do this. :-) It seems that GnuPG
> always wants me to return to the public ring:
>
OK, I misunderstood your question.
> %gpg --edit-key 7B063EAA
> [...]
> Secr
Am So 23.06.2013, 21:44:50 schrieb Werewolf:
> Is it possible to have 2 active subkeys?
>
> ie say an ecc and an ElGamal for encryption?
Yes.
--
☺
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
http://www.openpgp-courses.org/
signature.asc
Description:
On Wed, Jun 26, 2013 at 3:10 PM, Daniel Pocock wrote:
> I understand this is a bit old, but I believe the concept is still current:
>
> http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2507429
>
> Essentially, can anyone confirm why it is recommended to only
Am Mi 26.06.2013, 15:10:19 schrieb Daniel Pocock:
> Essentially, can anyone confirm why it is recommended to only store
> subkeys on a smart card?
That has little to do with smartcards. Mainkeys should always be stored and
used safely ("offline"). Smartcards are typically u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 26/06/13 15:30, Hauke Laging wrote:
> Am Mi 26.06.2013, 15:10:19 schrieb Daniel Pocock:
>
>> Essentially, can anyone confirm why it is recommended to only store
>> subkeys on a smart card?
>
> That has little to do with sma
On Wed, 26 Jun 2013 15:42, dan...@pocock.com.au said:
> The only other issue that arises then is longevity: is a smartcard
> considered more or less stable than any other type of device for long
> term key storage?
I doubt that. Although smartcards are pretty robust they might still
break for ex
Am Di 10.12.2013, 15:42:40 schrieb Phillip Susi:
> So my old subkeys are about to expire so I created some new ones at
> home and exported them with --export-secret-subkeys. When I try to
> import them at work, gpg just says I already have that key and stops.
> Why isn't i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12/10/2013 12:42 PM, Phillip Susi wrote:
| So my old subkeys are about to expire so I created some new ones
Why are you creating new ones instead of simply extending the expiry
of the existing ones?
-BEGIN PGP SIGNATURE-
Version: GnuPG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 12/10/2013 06:27 PM, Doug Barton wrote:
> On 12/10/2013 12:42 PM, Phillip Susi wrote: | So my old subkeys are
> about to expire so I created some new ones
>
> Why are you creating new ones instead of simply extending the
> expiry
Hello,
I'm having trouble creating a subkey-chain to import on a machine that I
don't want carrying the master key.
Following the Debian subkeys-guide[1] I come pretty far but not all the
way (though I can successfully follow it through if I generate a new
keypair for testing)
The
when I use --edit-key and
specify the master key id, and use the passwd command to change the
password, it applies it to all subkeys. How can I set a different
password only for the master key?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http
I have a couple encryption subkeys under my primary key. Each key is used for
different applications (while I generally just use one subkey, the other is
used when a specific application does not permit the use of that subkey).
I would like to select specific subkeys (gpgme_subkey_t) in GPGme
I have a couple encryption subkeys under my primary key. Each key is used for
different applications (while I generally just use one subkey, the other is
used when a specific application does not permit the use of that subkey).
I would like to select specific subkeys (gpgme_subkey_t) in GPGme
On 08/17/2017 03:39 PM, Dirk-Willem van Gulik wrote:
This had me believe that export-secret-subkeys would just export a
subkey.
Instead the output of --list-packets (and the file size) suggests
that both the master and the subkey are exported.
Seemingly, yes. But actually, when using --export
On 17/08/17 15:39, Dirk-Willem van Gulik wrote:
> # off=0 ctb=95 tag=5 hlen=3 plen=533
> :secret key packet:
> version 4, algo 1, created 1502976628, expires 0
> pkey[0]: [4096 bits]
> pkey[1]: [17 bits]
> gnu-dummy S2K, algo: 0, simple checksum, hash: 0
> protect IV:
> On 17 Aug 2017, at 16:06, Peter Lebbing wrote:
>
> On 17/08/17 15:39, Dirk-Willem van Gulik wrote:
>> # off=0 ctb=95 tag=5 hlen=3 plen=533
>> :secret key packet:
>> version 4, algo 1, created 1502976628, expires 0
>> pkey[0]: [4096 bits]
>> pkey[1]: [17 bits]
>> gnu-dummy S
It is my understanding that --export-secret-subkeys outputs a *dummy*
(not the actual key) for the private part of the primary key, hence the
output of --list-packets.
The “gpg” man page says “The second form of the command [i.e.:
--export-secret-subkeys] has the special property to render the
GPGME has export and import functions that work well as alternatives to
"gpg --import" and "gpg --export". However, looking through the
documentation I cannot find an equivalent to "gpg
--export-secret-subkeys". Have I missed something, or does such
functionality
Hey,
after searching for a long time I finally decided to ask here:
I wanted to create new keys and came across the following "problem": If I
create a main key to certify and subkeys for everything else, won't there be
dozens of subkeys on my main key after years of creati
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello all, I'm new at this list.
I'm using OpenPGP with GPG since some years ago, I'm using as "usual
way": a pair of keys copying from one device to other.
I'm interested in subkeys and offline master key, I'
Hello,
I started using gpg relatively recently (1 year or so), mainly for
signing git commits, and I am far from mastering it.
Since I was struggling to choose a strategy for expiring/renewing my
subkeys (more details below) I decided to seek expert advice (hopefully
this is the right place
On Tue, 17 Aug 2010 11:31, j...@seiken.de said:
> to import my public key from a keyserver. But if done so gnupg doesn't
> recognize the private subkeys stored on the smartcard. How do I tell gnupg
> where it should look for the private subkeys?
Insert the smartcard and run &qu
Hi -
I have a public key with two encryption subkeys (see note below). I am
attempting to clobber together a bash script to select a given subkey and
use that subkey for encryption. Using the following sample key and sample
script, `afile` is encrypted with subkey (and not the
will almost certainly take longer than that. There
is a discussion of some of the issues involved here.
http://www.debian-administration.org/users/dkg/weblog/48
At the moment I am planning on using an RSA signing key, but I have
not made my final decision on the encryption subkeys. I am leaning
On 12/12/2011 02:05 PM, gn...@lists.grepular.com wrote:
> If I have more than one signing subkey in my keypair, is there a way of
> advertising the purpose of each subkey with the public key that people
> download? Eg:
>
> This subkey is for signing email only
> This subkey is for signing sourceco
Hello all
I have a question, which maybe is very silly. Most likely I don't get
the concept behind subkeys. Unfortunately I couldn't find any
information about all this in the available documents.
I was playing around with my brand new SmartCard. Thinking about
putting *additiona
of
the used key is an ID an a subkey. Usualy I don't use the subkey for de-
and encryption, but i don't know anythink about the subkeys. According
to the GnuPG Handbook it should work to use the subkey.
Have a nice day and a good morning :),
Patrick
Here is the complet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have two encryption keys and three signing keys:
pub 4096R/057AC4BC created: 2005-12-08 expires: never usage: CS
sub 4096R/0DBBD3FD created: 2005-12-08 expires: never usage: SEA
sub 4096g/E3DD0205 created: 2005-12-29 expires: 20
i do signing of Gentoo packages and historically i would just generate a new
key and sign that with my normal public one ... when the last one expired, i
decided to try and use subkeys
so my main key i get everyone to sign is E837F581 and i use that when signing
my e-mails ... i created a new
Hi,
after reading the mini-howto 'Using multiple subkeys in GPG'
http://fortytwo.ch/gpg/subkeys I am curious, if someone uses a setup
like this for his/her insecure workplace.
Because the howto is outdated my questions are:
- does gpg > 1.4 still have the 'problems' descib
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Colin Watson wrote:
> In other words, it looks like any time I go through an --edit-key /
> --send-keys / --recv-keys cycle (however extended), I'm going to grow
> six new signatures on my key. Could GnuPG be fixed to check for
> duplicates before i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
For whatever reason I now have two versions of my private key one
without the ELG encryption key and primary key, the other without the
RSA signing key.
How can I combine them so I have one secret key with both the ELG and
RSA subkeys under the
For whatever reason I now have two versions of my private key one
without the ELG encryption key and primary key, the other without the
RSA signing key.
How can I combine them so I have one secret key with both the ELG and
RSA subkeys under the primary key.
This is my new key
sec# 1024D
Hi all,
I am trying to change the expiration time of 2 sub-keys with no success.
I edit the main key and with command expire I selected the uid(s) and
the result is this:
Secret key is available.
pub 4096R/C9CFBFA0 created: 2008-12-31 expires: never usage: SC
tr
Was trying out gpg4win 2.2.0, and couldn't see how to add a subkey
from either Kleopatra or GPA
(was able to add it easily from the command line gnupg 2.0.21 that
installs with gpg4win)
Couldn't find anything about adding subkeys in the compendium.
Is there something really ba
Hi,
just a short question: Does the „export-minimal” option also remove unusable
(expired) subkeys, or not?
The manpage only mentions user IDs and signatures.
If not, is there a simple way to minimize the export further by dropping those
subkeys?
Regards,
MM
On 03/25/2014 07:38 AM, Mikael Nordfeldth wrote:
> The problem I experience is when importing back the 'pubkeys' and
> 'subkeys' files (see Debian guide):
Hm, i just ran through the instructions at
https://wiki.debian.org/Subkeys with a dummy/test user, and they
On 2014-03-25 14:30, Daniel Kahn Gillmor wrote:
> On 03/25/2014 07:38 AM, Mikael Nordfeldth wrote:
>> The problem I experience is when importing back the 'pubkeys' and
>> 'subkeys' files (see Debian guide):
>
> Hm, i just ran through the instructions at
ot; Nordfeldth '
> which is listed when using the '--edit-key' argument.
aha, this is likely to be the problem! RFC 4880 states that a valid
transferable key needs to have at least one User ID:
https://tools.ietf.org/html/rfc4880#section-11.1
You can see from your --list-packet
use gpgsplit on your two separate files to break out the distinct
> packets, and then use cat to combine the uid and self-sig packets from
> the pubkeys file with the secrets from the subkeys file, feeding the
> result into gpg --import.
Great, thank you! gpgsplit let me export and thus r
edit-key and
> specify the master key id, and use the passwd command to change the
> password, it applies it to all subkeys. How can I set a different
> password only for the master key?
see http://lists.gnupg.org/pipermail/gnupg-users/2013-July/047172.html :)
in short: use gpgsplit t
hrase B.
Do you actually need gpgsplit to achieve this? I thought you could
achieve the same thing by using GnuPG's export-secret-subkeys command.
- --
Best regards
MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net
Can you imagine a world with no hypothetical situation
ieve this? I thought you could
> achieve the same thing by using GnuPG's export-secret-subkeys command.
That doesn't help as you don't have to export secret keys but have to
import them.
For some reason it is not possible (with 1.4.x and 2.0.x) to import
secret components for a
On 07/16/2014 09:24 PM, Phillip Susi wrote:
> I would like to protect the master key with a password that is different
> from that used on the daily use subkey
I take the Low Road and use two different key rings, the "master" key
ring in a non-default location ("gpg --homedir /path/to/master .
Hello.
After generating a master key, I generated 3 subkeys, one for encryption,
one for signing and one for authentication. Now, when I import the three
subkeys into the same (non-default) keyring, only one is showing up in the
key listing or when I try and edit the keys.
Is this normal
ecision are
made.
My ideal setup is:
- Master generated on offline pc and stored in a cold storage
- subkeys for the pc (main pc, that I use everyday) - i need
(A)utenticate (E)encrypt (S)ign keys
- subkeys for the smartcard - if I use a pc of someone else, and as
backup for what
ecision are
made.
My ideal setup is:
- Master generated on offline pc and stored in a cold storage
- subkeys for the pc (main pc, that I use everyday) - i need
(A)utenticate (E)encrypt (S)ign keys
- subkeys for the smartcard - if I use a pc of someone else, and as
backup for what
> I would like to select specific subkeys (gpgme_subkey_t) in GPGme to
> perform operations (eg. gpgme_op_encrypt(...)
This isn't really well-supported, and for good reason: which subkey to
choose is normally viewed as a decision of the OpenPGP engine, not so
much of the user. If you
On Wed, 2 Aug 2017 03:05, r...@sixdemonbag.org said:
> At the command line a subkey can be specifically selected by appending
> an exclamation mark to the *subkey* key ID, but I don't believe GPGME
> supports this behavior.
That's right. I opened a wishlist item as
https://dev.gnupg.org/T3325
> On Aug 2, 2017, at 05:40, Werner Koch - w...@gnupg.org
> wrote:
>
> On Wed, 2 Aug 2017 03:05, r...@sixdemonbag.org said:
>
>> At the command line a subkey can be specifically selected by appending
>> an exclamation mark to the *subkey* key ID, but I don't believe GPGME
>> supports this behav
I am trying to understand the semantics of how GnuPG's WOT model
interacts with subkeys. This is a pretty basic question, so feel free to
direct me to existing resources if there are any; there must be
something written on this topic already, but I failed to find anything.
Suppose Alic
On Wed, 30 May 2018 17:22, tookm...@gmail.com said:
> GPGME has export and import functions that work well as alternatives to
> "gpg --import" and "gpg --export". However, looking through the
> documentation I cannot find an equivalent to "gpg
> --export-sec
1 - 100 of 590 matches
Mail list logo