On Tue, Nov 08, 2005 at 03:29:39PM +0100, Christoph Anton Mitterer wrote: > >Yes. Many people do it this way, including myself. It's not actually > >an RSA-S key (that's deprecated), but a regular RSA key with the S > >flag set. However, you don't actually want to change the primary from > >CS to C. > > > > > Why not? *g* Of course I could just don't use my primary key for signing > plain data,.. but I think it would be better to indicate that with the > flag, too.
Why? > And again,.. is it posible to change the flag on an existing key? And > how is it done? Via a selfsignature? If so, I could change the flag to > C, indicating everybody that I'm using the primary key for > signing-other-keys-only and if someone should insist on > challenge-response I could use the --expert flag or store a local-only > version of the key (e.g. in an seperate .gnupg dir) that contains the > key with CS. Well, sure, given a particular effect you want to achieve, you can always come up with a hideously complicated way to do it involving multiple copies of the key and extra work. Most people like to do it the easy way. > >>5) Would it change my primary key in such a way, that it renders the > >>signatures that I've already received from other users invalid? > >> > >> > >No. This does not affect third-party signatures. > > > > > Good,.. so I could change this as often as I'd like to, correct? If such a feature existed in GnuPG, yes. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
