Replying to Avatar Kc

PGP uses master and sub keys for that. So essentially the master key must be kept safe and it must sign each sub key or key revocation message. So only the sub private key, master public key and the signature must be known to the client to operate. Other clients then check if the signature matches (sub key signed by master) and can be assured that the key is owned by the same entity as the last (sub) key.

Dammit, it's hard to explain that in words 😂
Avatar
freeborn | ἐλεύθερος | 8r0gwg 2y ago

No, I get what you're saying. I recently went through [this](https://www.digitalneanderthal.com/post/gpg/) to learn more about pgp. I do think some kind of "revoke npub0 and replace npub1" solution is in here somewhere, but someone smarter than me would have to take it from here...

Reply to this note

Please Login to reply.

Discussion

No replies yet.