[linux-elitists] OT: new GPG key

Karsten M. Self kmself@ix.netcom.com
Wed Jun 11 22:25:16 PDT 2003


on Wed, Jun 11, 2003 at 06:42:41PM -0400, David Shaw (dshaw@jabberwocky.com) wrote:
> On Wed, Jun 11, 2003 at 09:52:59PM +0100, Karsten M. Self wrote:
> > I've decided it's time to start signing mail again...
> > 
> > Note that this is a general purpose, eternal key (my old key expired
> > April of this year).  I extended it by one day from today to sign my
> > current key (inconsistent handling of expiry date modifications of keys
> > makes this impractical in a general sense).  Unfortunately, this means 
> > my existing trust ring has also expired.  Note that this key is not 
> > being used in the most secure of environments (portable and remote 
> > systems, included), but it should be suitable for pedestrian threats.  
> > I also wanted to forego a bunch of queries about why I was showing up 
> > with a new key (though you're right to be suspicious).
> 
> Use a signing subkey.  It's the ideal way to handle the usual problem
> of using portable and remote systems without having to make multiple
> keys to do it.  It also means you don't need to get re-signed all the
> time.
> 
> There are a few minor gotchas (all versions of GnuPG can handle it,
> but only PGP 8 can verify the messages in PGP), but it works quite
> well.

I'm not familiar with the concept.  Got any quick pointers?

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    "Yes," said Marvin. "Wearily I sit here, pain and misery my only
    companions. And vast intelligence of course. And infinite sorrow.
    And..."
    -- HHGTG
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030612/1ef496fb/attachment.pgp 


More information about the linux-elitists mailing list