Penguin
Recent Changes

Differences between version 59 and predecessor to the previous major change of GPG/PGPNotes.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 59 Last edited on Saturday, February 5, 2005 2:28:48 pm by CraigBox Revert
Older page: version 55 Last edited on Tuesday, October 26, 2004 11:24:17 am by AristotlePagaltzis Revert
@@ -175,13 +175,22 @@
 ---- 
  
 !!!General Notes 
  
-How do you ''use'' a revocation cert once you've generated one:  
+! How do I delete/cancel a key?  
+  
+ gpg --gen-revoke <key-id>  
+  
+Copy the text from this output somewhere very safe, because anyone can use this to revoke your PGP key.  
+  
+!How do I ''use'' a revocation cert once you've generated one?  
+  
  gpg --import revoke.asc 
  gpg --send-key <key-id> 
-----  
-How do you change your primary uid? in 1..7+ there is a "primary" command when you use --edit-key which makes the __currently selected__ uid your primary uid. So to change your uid you do: 
+  
+! How do you change your primary uid?  
+  
+In 1..7+ there is a "primary" command when you use --edit-key which makes the __currently selected__ uid your primary uid. So to change your uid you do: 
  gpg --edit-key ''your@email.address'' 
  > list 
  ''the uid number you want eg:'' 
  > 1 
@@ -194,12 +203,12 @@
 You say 
  > 2 
  > deluid 
  
-----  
- Periodic Maintenance 
+!! Periodic Maintenance 
  
  gpg --rebuild-keydb-caches 
+  
 increases the speed of many operations for existing keyrings 
  
 ---- 
 !!!How to verify files with gpg/pgp 
@@ -228,6 +237,21 @@
 !!!Recover a public key from the corresponding secret key 
  
  gpg --export-secret-key 0x12345678 | gpgsplit --no-split --secret-to-public | gpg --import 
  
+----  
+!!!Extend the lifetime of, or "unexpire", a key  
+  
+Generating keys with expiry dates is good because it allows the keys to be flushed from keyservers and keyrings aftre a fixed length of time and limits the period revocation certificates have to be circulated. However, often it is advisable to extend the life of a key which is embedded in the web of trust. This can be done using the command:  
+  
+ gpg --edit 0x12345678  
+  
+and then the "expire" option. Some signatures have expiry dates within them which co-incide with the expiry date of the key. There is no way to extend these, except to get the signer to sign the updated key.  
+  
+----  
+!!!Ensuring compatibility with old versions of [PGP]/[GnuPG]:  
+  
+There is a comprehensive table of what algorithms are supported by every version:  
+  
+https://netfiles.uiuc.edu/ehowes/www/pgp-summ.htm  
 ---- 
 Part of CategoryCryptography