Endpoint Encryption

Here is the setup and my Theory:

I have been using PGP for years and I have a 2048 Public Key that the people I correspond with need to open existing emails from me.

I want to create a 4096 Public Key and NOT put it on the Public Servers.  Instead, I want to manually distribute via USB key to the people who will need it, but, I need to make sure that they can set this key to be my default, but, that they can still open existing emails with my current (soon to be old) key.

Is this possible?

Will PGP Desktop 10.3.1 allow this?

Will my 4096 key from a USB key to the local keyring even work on older versions of PGP?

I have a lot of "I don't knows", does anyone have answers?

Chicago

Please be aware that while others need your public key to verify your signatures, they do not need it to decrypt encryption to them - your encryption to them is to their public key; they use their private key to decrypt.

To control which of your public keys they use when encrypting to you, they can disable your other key.  This can be done by their right clicking on your key in All Keys, and selecting Disable.  Once this is done, they cannot use the key to encrypt to you, but can use it to verify signatures you make with it. 

It does not matter how you distribute this new key to them - they need to import it, and sign it so that it will be marked verified, and therefore available for them to encrypt to.

I totally get what you are saying, but, the real crux of my dilemma is:

If I get them my new "Super Key" and they import and Sign, will they still be able to open older emails from me with the old keys?

And, Again THANK YOU to all who chime in.

IT CHI

Yes

Please let us know if you have further questions on this.  If you consider your concern sufficiently answered, please use the Mark As Solution on the most helpful response.