Exporting only trusted public keys

Neil Williams linux@codehelp.co.uk
Wed Aug 20 23:30:07 2003


--Boundary-02=_Nk+Q/kh3IQ2Efjz
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

With a keyring of >400 now, I know that I have approx 150 completely redund=
ant=20
keys in the keyring - usually keys imported to validate one-off emails or=20
wrongly imported to try and form a web of trust. These show up in KGPG as=20
Trust:?

I have my own 'ultimate' keys, marginal and fully trusted keys. I also have=
 a=20
database that happens to contain the keyid's of my most important=20
correspondents - those within the local LUG.=20

Is there some way of using sed or grep or perl to process gpg output so tha=
t=20
keys that are important to my web of trust are retained and all keys that a=
re=20
neither in the database nor signed by someone in the database are ignored?

I could play around with various exports, but I was wondering if someone ha=
d=20
already tried this kind of general keyring maintenance. I find it very slow=
=20
to manually delete keys, KGPG takes a while to re-process the keyring after=
=20
deletions done using KGPG and doesn't provide a way of deleting multiple=20
keys.

If I can export all important keys to a new keyring, I can delete the old o=
ne=20
entirely and re-import. Then a --rebuild-keydb-caches --check-trustdb and I=
=20
should be OK?!?


=2D-=20

Neil Williams
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
http://www.codehelp.co.uk
http://www.dclug.org.uk

http://www.biglumber.com/x/web?qs=3D0x8801094A28BCB3E3

--Boundary-02=_Nk+Q/kh3IQ2Efjz
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA/Q+kNiAEJSii8s+MRAp3HAJ0V49ScigogSUkJbU+kNJSSpYppIgCfU37G
zNPXCcAxJd8lbpKxL3nzE6E=
=Iepn
-----END PGP SIGNATURE-----

--Boundary-02=_Nk+Q/kh3IQ2Efjz--