Cannot delete or reassign a gpg key

We may want Launchpad Admins to see a delete action next to each gpg key.

GPG keys can't usually be deleted, since SourcePackageRelease.dscsigningkey references them forever.

Could it be possible to delete PGP keys that have never been used? I'd like the key associated to my ~jroquet account (the one I'm using to write this) to be deleted, so that I can use it with my ~arkanosis account, which is the only one I plan to use from now on. Thanks!

After thinking a bit about it, I'm now wondering why one can't use the same PGP keys with multiple accounts, to begin with. Does anyone know? Thanks!

If you think about it for a little bit, I think you can derive to an answer. Usually GPG keys are part of the Web of Trust and represent a person or a role. It is public-key cryptography, and not a shared secret. Launchpad allows privileged operations based on the GPG key signatures alone over otherwise untrusted protocols (dput package uploads), which thus must uniquely resolve to accounts.

Dear Dimitri,

Thank you for you kind answer.

I totally understand what you mean and I don't share my keys with anyone, but what about people like me with several accounts? Is it against some policy on Launchpad? Not that I'd have any problem with this, just asking.

In my case, my trusted GPG key has been associated with a Launchpad account (jroquet) which is not the one I'm known to use (arkanosis) — my own mistake — so I'm unable so sign packages with my trusted key and my known account.

I wouldn't mind the key being de-associated from the jroquet account (as it has never been used to sign packages so far), or even the jroquet account being deleted (if having two accounts is against some policy). Is something possible here? Should I open a specific bug for this for tracking?

Thanks again and best regards,