README: rewording

This commit is contained in:
alterNERDtive 2022-07-19 14:42:50 +02:00
parent cd4aa22291
commit 80689c627e
Signed by: alterNERDtive
GPG key ID: 547787A4FE6533F1

View file

@ -1,6 +1,7 @@
# GPGTool
Zsh script to manage GPG keys without storing the master key.
Zsh script to manage GPG keys without storing the master key in your main GnuPG
keyirng.
**This is currently in a *TESTING* state. Do not use for production unless you
can manually verify each step doesnt accidentally leak into your main GnuPG
@ -14,9 +15,12 @@ keys.
An attacker will be able to use the currently valid sub keys until you revoke
them. They will _never_ be able to create new sub keys for your master key.
So in case of compromise of your GPG key(s), whip out your securely stored
master key, invalidate your current sub keys, make sure to propagate that e.g.
via key server and generate new sub keys.
So in case of compromise of your GPG key(s)
1. whip out your securely stored master key,
2. revoke your current sub keys,
3. make sure to propagate that e.g. via key server and
4. generate new sub keys.
## Installation