my gpg key does not conform to rfc4880?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Oct 10 21:22:46 CEST 2013


On 10/10/2013 03:12 PM, Brian J. Murrell wrote:

> Yeah.  I have considered both of those things also.  I guess the only
> thing that was holding me back was that the existing key has an
> investment in signatures on it though.  What I am unclear about is how
> the authenticity and trustibility of my new key will be regarded in
> relation to the existing key with all of the signatures on it.

none of the above concerns should keep you from creating a new, stronger
key and starting to gather certifications on it.  You can still keep
your old key for places where more certifications matter, and start
using your new key in places where stronger keys matter.  Do this until
you feel comfortable that your new key has gathered enough
certifications to be useful in both places, at which point you can
revoke your old key.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20131010/27874f43/attachment.sig>


More information about the Gnupg-users mailing list