Robert, On 4/1/17 3:08 PM, Robert J. Hansen wrote: >> Do I just move on and try not to do that in the future, or is there any >> hope for cleaning up? > Move on. It's okay, everybody makes this mistake in the beginning. :) I thought this might be the case. On the one hand, bummer, on the other, ok.
>> 2. In everyday use, what is the norm for folks to publish their keys to >> get other folks to use them? Do y'all put the fingerprint in your >> emails, attach your signatures (I see some of you on this list do), put >> the key on your social media, or what? > (My opinion on this used to be 100% orthodox; in the last few years I've > seen it become heterodox. The cool kids are all about TOFU today; I > think TOFU borders on crazy. So be warned, this opinion is ... stodgy, > by present standards.) > > If I'm corresponding with someone, I ask if they use OpenPGP; if they > do, I arrange for an out-of-band key verification. I also have my > fingerprint on my business card, so that if I meet someone face-to-face > it makes it easy as can be to do a key verification: here's my driver's > license, here's my business card, you get to verify I'm really Rob > Hansen and you have my fingerprint given to you directly by me. Sounds reasonable. I'll look into TOFU, but I think I'll lean towards a more conservative approach to start. >> 3. I've read >> https://superuser.com/questions/466396/how-to-manage-gpg-keys-across-multiple-systems >> and other such pieces proclaiming the value of having the master key in >> a safe place and having subkeys on your actual devices. I've following >> the guides and it seems that I am unable to actually sign anything with >> the subkey, gpg complains with gpg: signing failed: No secret key. gpg >> -K shows: > Please read the FAQ. Question 8.1 is directly applicable. > > The internet is full of people who will tell you "the true secret" to > "creating the perfect key". The reality is, unless you know exactly > what changes you're making and why you need to make them, you will be > far better served with the defaults. > > https://www.gnupg.org/faq/gnupg-faq.html If I don't get this master/sub key thing figured out successfully soon, I'll probably go back to defaults. >> 4. Is it safe to refer to my public key/fingerprint information as I did >> in the previous question with output from gpg? > Yes. > Thanks, Will
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
