Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Protecting My Key

Created: 17 Sep 2013 • Updated: 20 Sep 2013 | 4 comments
This issue has been solved. See solution.

Here is the setup and my Theory:

I have been using PGP for years and I have a 2048 Public Key that the people I correspond with need to open existing emails from me.

I want to create a 4096 Public Key and NOT put it on the Public Servers.  Instead, I want to manually distribute via USB key to the people who will need it, but, I need to make sure that they can set this key to be my default, but, that they can still open existing emails with my current (soon to be old) key.

Is this possible?

Will PGP Desktop 10.3.1 allow this?

Will my 4096 key from a USB key to the local keyring even work on older versions of PGP?

I have a lot of "I don't knows", does anyone have answers?

Chicago

 

 

Operating Systems:

Comments 4 CommentsJump to latest comment

Tom Mc's picture

Please be aware that while others need your public key to verify your signatures, they do not need it to decrypt encryption to them - your encryption to them is to their public key; they use their private key to decrypt.

To control which of your public keys they use when encrypting to you, they can disable your other key.  This can be done by their right clicking on your key in All Keys, and selecting Disable.  Once this is done, they cannot use the key to encrypt to you, but can use it to verify signatures you make with it. 

It does not matter how you distribute this new key to them - they need to import it, and sign it so that it will be marked verified, and therefore available for them to encrypt to.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

SOLUTION
IT CHI's picture

I totally get what you are saying, but, the real crux of my dilemma is:

If I get them my new "Super Key" and they import and Sign, will they still be able to open older emails from me with the old keys?

And, Again THANK YOU to all who chime in.

IT CHI

Tom Mc's picture

Yes

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Tom Mc's picture

Please let us know if you have further questions on this.  If you consider your concern sufficiently answered, please use the Mark As Solution on the most helpful response.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &