On Sunday, March 09, 2014 23:59:35 Jack Chastain wrote: > Yep - the issue was "conceptual" I think. It appears (to Joe and me) that > the instructions for the sub-key was under the assumption that your laptop > was your mobile system and your "base" computer was something less > portable. The idea being that the server that you actually did key work on > was NOT portable... and would therefore have ALL the keys....
That's the most common way in which I think this is done, but it's not the only way. > Ah, assumptions. > > So - with Joe's assistance, I deleted my key and re-added it from my saved > keys on the USB stick - and was THEN able to sigh keys. Right. The catch comes when you later want to remove the full key and only import the relevant subkey bits (public and private). Hopefully you've got instructions for that bit, as you probably did it in the first place. > One step higher. Now to figure out the next thing. Right. After signing keys, those signatures are only local on your machine. Assuming the next procedure uses key servers (which is the most common way to start with), you would then do 'gpg --send-keys <key IDs>' to push the keys you've signed up to a key server, and then the users of those keys need to be notified and pull the signatures from a key server (after they've had time to sync with the one you pushed the key to) via 'gpg --refresh-keys'. You can also use 'gpg --referesh-keys' to watch keys you know about to see who has recently gotten new signatures and how many, and then interrogate via 'gpg --list-sigs <keys>' afterwards to see specifics of who has signed someone's key. Occasionally someone's key is "offline only" in which case this method won't work for them, as it would require their key to be on a key server. I doubt anybody in this group is using an "offline-only" key, as it's rather unusual. -- Chris -- Chris Knadle [email protected] _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College Apr 2 - Nginx: High-Performance HTTP Server, Reverse Proxy, and IMAP/POP3 Proxy Server May 7 - Google App Engine Jun 4 - Samba: Can We All Just Get Along?
