[Gpg4win-users-en] Subkey management

Dr. Peter Voigt pvoigt at uos.de
Thu Mar 6 19:48:20 CET 2014


I have been using my gpg key since 2006. Time has come to replace my old
key (1024 bit DSA with SHA1) with a new one matching current security
demands. My new key is created, signed with my old one and meanwhile
published to a keyserver.

My new key has two subkeys: One RSA signing and one RSA encrypton
subkey. Currently my master keys are located on a trusted operating
system. Now I would like to remove the master private signing key
before I copy it to e.g. my laptop with a less trusted operating
system. According to several references (see below) the recommended way
appears a bit inconvenient: First export all subkeys, then delete the
master private signing key and finally re-import all subkeys. In
particular I would like to avoid doing this on the laptop. The only
way to avoid this seems to be making a backup of ~/.gnupg on the machine
with the master keys first. Is this still the recommended way to go? I
am running GnuPG 2.0.22.

Regards,
Peter

References:
http://gagravarr.livejournal.com/137173.html
https://wiki.debian.org/Subkeys?action=show&redirect=subkeys
https://alexcabal.com/creating-the-perfect-gpg-keypair/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20140306/bd8e3120/attachment.sig>


More information about the Gpg4win-users-en mailing list