On 02/15/2017 03:27 PM, Adam Sherman wrote: > On 2017-02-15 06:51 AM, Kristian Fiskerstrand wrote: >>> Do I need access to my master key in order to expand my web of >>> trust? This seems like quite a restriction. >> Yes, although you can generate a local CA key to use for this purpose >> for short term validity considerations used for local signatures. > > How do you do that? Is there a type of sub-key you use? >
No, just a completely separated primary key with C capability, no subkeys and is never published anywhere, rotated regularly to issue lsigns for short term use -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Qui audet vincit Who dares wins
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users