gabriel rosenkoetter on 26 Nov 2003 17:55:03 -0500
Not off-topic in my opinion.

On Tue, Nov 25, 2003 at 11:39:21AM -0500, Rob Carlson wrote:
> Unfortunately I forgot that gnupg uses "dot" files, and I didn't save
> that. Of course the key I created for my work account had no expiration
> either, so I can't upload a new key.

I beg your pardon? Keys are identified by keyid, not by email address. It's certainly *irritating* to have more than one key attached to the same email address in the keyservers, but in the most common usage of the keyserver (I've received a message signed by your key; I want to go retrieve the key that signed this message so that I can verify it; I go ask for the keyid, because I know that, not the email address), this won't ever come up.

You can certainly send a new key to the keyservers. Or did you mean something other by "upload"?

> My question-- is my work account email address forever damned to be
> unable to use pgp, or is there some way (preferable) that I can use my
> home account key with my work account in Mozilla mail?

You should simply generate a new keypair at work and use that. Inform any correspondents with the old key that you have lost the private key, so they should avoid encrypting to the old key because you won't be able to read it. If that was really the only copy of your old key, you don't have to worry about someone stealing it, and they shouldn't either, though they've got no particular reason to believe that.

They've also got no particular reason to believe that you're really you. For some people, signing your work PGP key with your home PGP would be enough for them to believe you. For sticklers, a full reverification with photo ID would be necessary. (This is a personal issue with each signer, since it's about their stating publicly that they trust you.)

Note that you could have avoided this situation by following the Best Practice of generating a revocation certificate (ASCII armored) at the time of key generation, printing it, and putting it somewhere safe. That way, if you lose the key, it's still revocable.

> My gut hunch is I've rendered my work account useless for PGP
> forever. Any ideas?

It would be terrible if PGP relied completely on your not destroying your private key to function with a given email address.

On Wed, Nov 26, 2003 at 05:21:26PM -0500, LeRoy Cressy wrote:
> from your work machine email to yourself your public key. Then add the
> key to your key ring.

Considering he's missing his PRIVATE key at work, I don't see how that'll help much.

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgp6MHg7RQUo9.pgp
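
Why a second key for the same address does not clash on the keyservers, shown as an added example that is not part of the original message: assuming version 4 OpenPGP keys, the key ID is the low 64 bits of a SHA-1 fingerprint computed over the public-key packet (RFC 4880), so the email address is never an input. The moduli, creation times, address and the `keyserver_index` helper are constructed for illustration.

```python
import hashlib
import struct


def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian value."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")


def rsa_public_key_packet_body(created: int, n: int, e: int) -> bytes:
    """Body of a version 4 public-key packet: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over the octet 0x99, the 2-byte body length, and the packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def key_id(body: bytes) -> str:
    """Long key ID: the low-order 64 bits (last 16 hex digits) of the fingerprint."""
    return v4_fingerprint(body)[-16:]


# Constructed sample data: toy moduli, far too small for real use.
EMAIL = "user@work.example"  # hypothetical address shared by both keys
LOST_KEY = rsa_public_key_packet_body(1059696000, 0xC3A5F1D7 * 0xE1B2C3D5, 65537)
NEW_KEY = rsa_public_key_packet_body(1069804800, 0xD4B6A2E9 * 0xF2C3D4E7, 65537)


def keyserver_index() -> dict:
    """Hypothetical keyserver view, keyed by key ID; both entries carry the same address."""
    return {key_id(LOST_KEY): EMAIL, key_id(NEW_KEY): EMAIL}


if __name__ == "__main__":
    # Two distinct lookup handles for one address: a signature names the key ID,
    # so a verifier fetches exactly the key that made it.
    for kid, uid in keyserver_index().items():
        print(kid, uid)
```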