Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)
Andrew Luke Nesbit
email at andrewnesbit.org
Mon Sep 24 02:09:25 CEST 2018
On 23/09/2018 21:19, Daniel Kahn Gillmor wrote:
> On Sun 2018-09-23 18:18:13 +0200, Peter Lebbing wrote:
>> The intent of this mail is not to ask whether something works. This can
>> be easily verified. It's asking whether it is a supported way of doing
>> things. I hope I can get some guidance on this!
>
> I appreciate that you're asking for clarification about what is the
> scope of GnuPG's "API", such as it is. We do need more clarity here.
>
> i don't have the authority to answer your questions about the contents
> of ~/.gnupg/private-keys-v1.d/, but i'd always thought that the
> internals of ~/.gnupg/ were *not* part of the "API", and generally
> should not be relied upon. I hope that Werner or someone else more
> closely related to the project can clarify here.
This raises interesting questions regarding subkeys.
For example, earlier this month there was a short thread with "Subject:
Subkeys" where OP was asking about generating subkeys. The advice was
to consult https://wiki.debian.org/Subkeys . That page contains the
following instructions:
> [...] delete the file `$HOME/.gnupg/private-keys-v1.d/KEYGRIP.key`,
where `KEYGRIP` is the "keygrip" of the master key which can be found by
running `gpg2 --with-keygrip --list-key YOURMASTERKEYID.`"
All other sources of information for generating subkeys that I have seen
contain similar instructions.
This is using the contents of `~/.gnupg/private-keys-v1.d/` as an API.
If this is *not* part of the API, then what *is* the official
recommendation for generating subkeys?
Andrew
--
OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
More information about the Gnupg-users
mailing list