The Call of the Open Sidewalk

From a place slightly to the side of the more popular path

User Tools

Site Tools

pgpfan:gpgburn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
pgpfan:gpgburn [2021/12/06 02:20] – missed b.walzerpgpfan:gpgburn [2021/12/06 02:47] – Refs to the indexes b.walzer
Line 147: Line 147:
 Now export your updated public key (OpenPGP identity) and send it to your correspondents and any appropriate key servers (not shown). At this point you are in the preburning transition phase. You will still be able to decrypt your old messages and any messages from people that have not yet updated your public key in their keyring. You will also be able to decrypt any messages from people that have updated your public key to the new one. If you are not in any hurry there is no reason that this phase can't last months or even years. Messages generated in the transition phase will not be burnt. This would be a good time to look through your old messages for anything that you want to save before burning them. You can probably do this by remailing them to yourself. Now export your updated public key (OpenPGP identity) and send it to your correspondents and any appropriate key servers (not shown). At this point you are in the preburning transition phase. You will still be able to decrypt your old messages and any messages from people that have not yet updated your public key in their keyring. You will also be able to decrypt any messages from people that have updated your public key to the new one. If you are not in any hurry there is no reason that this phase can't last months or even years. Messages generated in the transition phase will not be burnt. This would be a good time to look through your old messages for anything that you want to save before burning them. You can probably do this by remailing them to yourself.
  
-OK, sufficient time has passed, all your correspondents have your new key installed in their keyrings. Thus starts the actual burning. For the demonstration you are going to do a secure delete of the file containing your old encryption subkey. Find the file name using the gpg ''--with-keygrip'' option to the ''--list-keys'' command looking for the older subkey that has no usage ''[]'':+OK, sufficient time has passed, all your correspondents have your new key installed in their keyrings. Thus starts the actual burning. For the demonstration you are going to do a secure delete of the file containing your old encryption subkey. Find the file name using the gpg ''%%--with-keygrip%%'' option to the ''%%--list-keys%%'' command looking for the older subkey that has no usage ''[]'':
  
 <code text [highlight_lines_extra="6,7"]> <code text [highlight_lines_extra="6,7"]>
Line 249: Line 249:
  
 This process is very manual. There are no GnuPG ''%%--preburn%%'' and ''%%--burn%%'' commands to automate this. This suggests that this is not something that is commonly done. Most people don't fear the exposure of their keys enough to make this worthwhile for this sort of system. This process is very manual. There are no GnuPG ''%%--preburn%%'' and ''%%--burn%%'' commands to automate this. This suggests that this is not something that is commonly done. Most people don't fear the exposure of their keys enough to make this worthwhile for this sort of system.
 +
 +[[pgpfan:index|PGP FAN index]]
 +
 +[[em:index|Encrypted Messaging index]]
 +
  
pgpfan/gpgburn.txt · Last modified: 2021/12/06 12:10 by b.walzer