Why Operating Systems don't always upgrade GnuPG

Teemu Likonen tlikonen at iki.fi
Wed Feb 21 17:22:19 CET 2018


Daniel Kahn Gillmor [2018-02-20 21:35:12-08] wrote:

> Anyway, here's one concrete example (hinted at above) of a
> programmatic gap that is much easier to achieve by mucking around with
> the internal state rather than by the programmatic interface:
>
>  * I want to introduce a new signing-capable subkey, and i want to
>    distribute it widely, but i don't want to start signing with it just
>    yet.

It seems to me that there is an easy gpg.conf solution:

    default-key FINGERPRINT!

See the ! character which forces exactly that (sub)key for signing. Use
that option to select your old signing (sub)key.

-- 
/// Teemu Likonen   - .-..   <https://keybase.io/tlikonen> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180221/534bfc4b/attachment.sig>


More information about the Gnupg-users mailing list