Singpolyma

Technical Blog

OpenPGP Keys with Photos

Posted on

So, one of the things I decided to do with the transition to my new PGP key was add a small JPEG photo (my common avatar, which is indeed a photo of me) as a UID. This is something OpenPGP keys have supported for some time, it doesn’t add too much to the keysize (as long as you keep the photo small, which I did), it helps people to identify me, and ties the key more firmly to my IRL identity.

I then discovered a problem: some old keyservers, like pgp.mit.edu, *will not* accept keys with photo UIDs. It’s not that they ignore the photo, it’s that they simply refuse the key!

So, with the help of Daniel Kahn Gillmor, I have discovered the strategy for uploading these keys to the old keyservers using the CLI interface to GnuPG (which is what I normally use for my OpenPGP stuff).

cd /tmp/
mkdir -m 0700 testring
gpg --export KEYID | GNUPGHOME=/tmp/testring gpg --import
GNUPGHOME=/tmp/testring gpg --edit-key KEYID

# Select the photo UID by typing it’s number

deluid
save
GNUPGHOME=/tmp/testring gpg --keyserver pgp.mit.edu --send KEYID
rm -rf /tmp/testring

Leave a Response