Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


PGP Default Signing Urgent

Posted on 2009-12-31
Medium Priority
Last Modified: 2013-12-09
There are about 90 keys from various clients in the pubring.pkr and I added and signed a new public key with my secret key after entering my pass phrase. I got a prompt whether or not to set my key as default signing key and I said yes.
As usuall, this has changed the default signing key for all 90 keys in the pubring.pkr file. And I see exclamation mark of 90 of them which I guess is no longer valid as they were signed using a differnet pass phrase.
My questions:
Will this affect the 90 clients in any way ?
What was the option I would get when I say not to use my key a default key ?
How do I remove the excalmation mark from 90 of the keys ?

Please let me know.
Question by:coventri
  • 2
LVL 33

Accepted Solution

Dave Howe earned 2000 total points
ID: 26157676
Ok, from the top then.

1) signing or not signing a client's public key can have no effect at all on that client - signatures are additive, so each new signature you add (unless it has expiry or is revoked) increases the odds someone can make a trust decision based on the signatures attached.

2) creating a new key, or setting a new default key, should have no effect on signatures already made, and I *mean* no effect - they can't know or care that you have a new key. Only operations on the original key can have that effect, and being or not being the signing default is not going to alter that.

3) signatures should not automagically become "bad" unless the original key is revoked; however, if the original key is deleted from your keyring, then it will be unable to verify the signatures, and/or if the key had an expiry that has now been reached. if the key is explicitly revoked, this will also mark the signatures as bad, effectively removing them entirely.

of those, (3) is going to be of the most importance to you now - and that revolves around the original key - do you still have it on your keyring, has it been revoked, or has it expired?

Author Comment

ID: 26176057
Hi DaveHowe,

The keys are still in the key ring with exclamation marks next to them. How do I remove them ?
LVL 33

Expert Comment

by:Dave Howe
ID: 26208574
probably expired then - which would make all signatures from that key "bad" (unless you revoked it, which would have the same effect)

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question