Re: Moving from 1024-bit -> 2048-bit key.
Once I've generated a 2048-bit key, how can I update my key on the keyservers?
First you need to generate a key revocation for your old key and post that to the servers. Then just email your new key to the server. I think the command to revoke a key is PGP -kr <key ID> but check the manual/help files to be sure... I haven't had to revoke a key yet so that's why I'm a little fuzzy. Later... Greg Morgan -- ----------------------------------------------------------------------------- Greg Morgan <grmorgan@freenet.vcu.edu> | "I dunno Brain, me and Pipi
Why revoke the old one? If I want to send a message I don't think needs 2048 RSA bits of security, why bother with it? I have little doubt the FBI would get your key from your computer at 1024 bits. Thus, the effort needed to compromise a key does not change as one moves from a 1024 to a 2048 bit key. Threat models are really helpful. They become more helpful as one acurately assesses ones enemies. Ronald Kessler wrote a book called The FBI. Its fairly evenhanded examination of the post-Hoover bureau. He does gloss over DT & Waco; they occured as he was finishing the book. Reading it will give you good insight into the way the FBI, and its agents, work. (0-671-78657-1) Adam | >Once I've generated a 2048-bit key, how can I update my key on the | >keyservers? | > | | First you need to generate a key revocation for your old key | and post that to the servers. Then just email your new key to | the server. -- "It is seldom that liberty of any kind is lost all at once." -Hume
participants (2)
-
Adam Shostack -
grmorgan@freenet.vcu.edu