[wellylug] GPG Question

Tue Feb 28 10:21:27 NZDT 2006

On Mon, 27 Feb 2006, Jethro Carr wrote:

> On Mon, 2006-02-27 at 22:49 +1300, David Murray wrote:
>> On Mon, 27 Feb 2006, Jethro Carr wrote:
>>
>>> hi all,
>>>
>>> I have a question/issue with GPG.
>>>
>>> I will be changing my primary email address in the near future, and the
>>> current email address will be deleted.
>>>
>>> However, I have various signatures against my current UID. To change my
>>> email address, it appears that I have to delete this UID and create a
>>> new one.
>>>
>>> Will I lose all the signatures that people have made against this UID?
>>> And is there anyway around this?
>>
>> I thought that you yourself make your own GPG signature that you then give
>> out to other people so that they know your email is from you. A GPG
>> signature is made against a name:
>>
>> (ie **thepersonsnamethatgoeshere** <email.address at domainname.somewhere>)
>>
>> and its corresponding email address:
>>
>> (ie thepersonsname <**this.email at address.that.goes.here**>)
>>
>> with an optional comment, not against a user name or user ID.
>>
>>
>> All you'd need to do is to create a new key pair using kGPG, the only
>> information you'll need is a name, an email address, and an optional
>> comment. Then select key size and method of encryption.
>>
>> Once you've created the keys then export the public key into a plain text
>> file.
>>
>> Email everybody a copy of that plain text file for them to import into
>> their keyring.
>>
>> You can create keys for any combination of name, email address and
>> comment.
>>
>> Once you know your new email address you'll then be in a position to make
>> your new keys.
>>
>> No change of User ID required, but you will, of course, need to update
>> your email settings to use the new email address.
>>
>> You can have a GPG signature for any name and email address, quite
>> separate from your login ID
>>
>
>
> okay, I think you have gone barking up the wrong tree. ;-)
>
> with a GPG key, you have a key. But inside this key you have user id's
> for each email address. You can have more than 1 uid in your key.

Would you care to elaborate further on UIDs and gpg keys. I was under the 
impression that inside a key you had a subkey - the public key - which you 
can sign.

Do you mean more than one signature in your key?

I was under the impression that a key was specific to one name and one 
email address, and that if you change either then the key won't work.

> You have given me instructions for creating more keys, and then you have
> related it to my login id.

Well what other UID is there?? And didn't you want a new key for your new 
email address?

> I wish to know if there is a way I can create a new uid, and have all my
> signatures transfered/copied to this new ID, so I don't have to try and
> get people to resign my key.

Surely the easiest way would be to revoke the key and issue a new one.

Regards

David Murray