On Tue, 7 Jul 2020 22:22, Stefan Claas said: > Mmmhhh, I was under the impression when he still has the secret key that > he exports his secret-key (makes a back-up, just in case) re-imports
The gpg-agent does not store the OpenPGP secret keyblock. It fact that is only created when you run a gpg --export-secret-key. The agent stored the bare numbers required for the crypto operations and nothing else - it is protocol agnostic. Sure, you can create a new public or (with --export-secret-key) secret key from that but it won't have the same preference, creation date, expire date and so on. Even the fingerprint will be different because the creation date is part of the fingerprint computation. That latter is the reason why the OpenPGP card stored the creation date of the key, so that the fingerprint can be re-computed from the the bare numbers. If you know the fingerprint it is of course easy to find the creation date; that are at worst a mere 710 million hashes (from 1998 to now). it is just that we don't have the tooling. To make things easier I will probably store the creation date as meta data along with the bare numbers in the forthcoming 2.3. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
