PGP Default Signing Urgent

Posted on 2009-12-31
Last Modified: 2013-12-09
There are about 90 keys from various clients in the pubring.pkr and I added and signed a new public key with my secret key after entering my pass phrase. I got a prompt whether or not to set my key as default signing key and I said yes.
As usuall, this has changed the default signing key for all 90 keys in the pubring.pkr file. And I see exclamation mark of 90 of them which I guess is no longer valid as they were signed using a differnet pass phrase.
My questions:
Will this affect the 90 clients in any way ?
What was the option I would get when I say not to use my key a default key ?
How do I remove the excalmation mark from 90 of the keys ?

Please let me know.
Question by:coventri
    LVL 33

    Accepted Solution

    Ok, from the top then.

    1) signing or not signing a client's public key can have no effect at all on that client - signatures are additive, so each new signature you add (unless it has expiry or is revoked) increases the odds someone can make a trust decision based on the signatures attached.

    2) creating a new key, or setting a new default key, should have no effect on signatures already made, and I *mean* no effect - they can't know or care that you have a new key. Only operations on the original key can have that effect, and being or not being the signing default is not going to alter that.

    3) signatures should not automagically become "bad" unless the original key is revoked; however, if the original key is deleted from your keyring, then it will be unable to verify the signatures, and/or if the key had an expiry that has now been reached. if the key is explicitly revoked, this will also mark the signatures as bad, effectively removing them entirely.

    of those, (3) is going to be of the most importance to you now - and that revolves around the original key - do you still have it on your keyring, has it been revoked, or has it expired?
    LVL 1

    Author Comment

    Hi DaveHowe,

    The keys are still in the key ring with exclamation marks next to them. How do I remove them ?
    LVL 33

    Expert Comment

    by:Dave Howe
    probably expired then - which would make all signatures from that key "bad" (unless you revoked it, which would have the same effect)

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now