El mié, 05-06-2024 a las 21:43 +0200, Ingo Klöcker escribió: > > Just create a new S-only subkey. There's no need to remove the S > capability > from the primary key because the signing key is only used by yourself > and you > know that you want to use the subkey for signing. > > > The major caveat is I'll have to update the fingerprint of signing > > key > > at multiple places. > > Not really. At least not for gpg because gpg will automatically use > the newest > signing (sub)key for signing data (unless you specified the signing > key with > trailing exclamation mark).
I suppose that in any case is needed to "redistribute" the public part of the new settings, in order to be verified by the receiver, isn't it? Regards > > Regards, > Ingo -- OpenPGP fingerprint ------------------- CBA7 480A 5FBC DB67 857F 54D3 434C 945C 1278 2FD7
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
