Master Key Best Practice with SmartCard
Antoine Michard
antoine.michard at chezgeek.fr
Mon Jan 25 11:08:31 CET 2016
Hi all,
In July when I've created my Master Key, I didn't use --expert option
and now my master key is Cert and Sign and got 2 subkey for encryption
(+1 revoke).
pub 4096R/0882B381 créé : 2015-07-04 expire : jamais utilisation : SC
confiance : ultime validité : ultime
sub 4096R/D693C37C créé : 2015-07-04 expire : jamais utilisation : E
sub 4096R/AF2FF242 créé : 2015-07-04 expire : 2018-07-03 utilisation : S
La clef suivante a été révoquée le 2016-01-21 par la clef RSA 0882B381
Antoine Michard <antoine.michard at chezgeek.fr>
sub 4096R/8FB824DE créé : 2015-07-04 révoquée : 2016-01-21
utilisation : E
sub 4096R/48D8D3B6 créé : 2015-07-05 expire : 2018-07-04 utilisation : A
sub 4096R/DDCE51A2 créé : 2016-01-21 expire : 2018-07-03 utilisation : E
[ ultime ] (1). Antoine Michard <antoine.michard at chezgeek.fr>
[ ultime ] (2) Antoine Michard <michard.antoine at gmail.com>
[ ultime ] (3) Mitch <mitch911 at free.fr>
It's work well except that for https://encrypt.to, he use my first
encryption key and I can't decrypt it with my Smartcard.
So I thinking what is the best to do next:
- Delete my useless first subkey encryption from my keyring and send
update to key server.
- Recreate a new master key with only cert role and create all my subkey
(S E A) and copy it to my Smart Card.
What your advice on it ?? Nobody have sign my key and I can rencrypt my
data.
--
Antoine Michard
GPG Key: 0xF5C9E7CD0882B381
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160125/9f77ad45/attachment-0001.sig>
More information about the Gnupg-users
mailing list