I’ve been trying to fix my GPG situation for a few hours today and yesterday. I installed gpg, a keychain tool and a file encryption tool for OSX from http://macgpg.sf.net/, and I copied my keyrings from my old confusibombus machine to the new alpinobombus machine. I installed Enigmail for Thunderbird. But when I sent my key to a friend, he told me that he sees only the “pub” and not the “sub” – whatever that means – and whether I ever got anything encrypted with that key. He believes that maybe I can use my key only for signing, not for decrypting. Hm!?
Oh well... I’m trying to generate a new key right now...
Ok, seems to work. I set a new expiration date one day in the future to my old key and sent it to the keyserver. I also disabled it in my keyring.
I also noted various other keys still floating around that belong to me. But I don’t have their secret keys anymore (maybe I should check at my office – perhaps I still have them lying arround...). So I cannot disable them. I hope they have an expiration date set!
Based on this experience I will now set an expiration date on the newly created key as well. Better than to have a key floating arround forever that I cannot use anymore, and that I cannot disable anymore.
#Software