Once you have generated your master PGP key, will the \"data\" in the private ke

Question

Once you have generated your master PGP key, will the "data" in the private key ever change?

For instance, if you add another subkey, uid, or any other data to the master key, do these changes need to be "written" to the "secret half of the key", modifying it in any way? Or are all changes made to the "public half of the key", or even some sort of third signed file with the details?

That is, can you store the secret key on read-only media such as a CD-ROM, printed on paper, or tattooed onto the shaved head of one of your servants?

Explanation / Answer

Keys don't store data, they encrypt data. The data that it encrypts will change, but the key itself can't change or you would be unable to access your previously encrypted key-rings.

Now, you can role things forward to a new key by decrypting your entire key-ring and re-encrypting with a new private key, but that would only be done if your key became compromised (at which point you should really replace all your keys on your ring as well.)

Related Questions

Navigate

• Browse (All)
• Browse O
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.