An update from GitHub on PGP subkeys

Jan 2, 2019
1 minute read

A few weeks ago I wrote about adding a new PGP subkey to your GitHub account. I reported this issue to GitHub when I discovered it. Today, I have gotten a response from GitHub:

When a new subkey is added to an existing PGP key on an account, it currently has to be removed and added back to the account to update it on our side.

This is expected behaviour for now but I agree it isn’t the most elegant solution! We’ll pass your request onto the team to consider.

I can’t promise if or when we’d add this but we’ll make sure the request is in the right hands.

So, perhaps this will work properly in the future, or at least be documented behavior ☺ I have now also reported this issue to GitLab, which I forgot to do earlier because I had a plane to catch.