Hello, I hope you can give me some advice on the following problem:
We have a OpenPGP key which we use for signing our software releases. That key should be changed yearly and carry an expiration date to enforce this change. However, for the signatures to be useful, the key has to be signed by quite a lot of well-known people and institutions, which means a considerable effort. If we just regenerate the whole key every year, we would have to get all these signatures again. I have a feeling that generating new subkeys might be a solution, but I have never worked with subkeys before, so I thought you could give me some advice what would be the best thing to do. Thanks, Andreas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
