Re: Why Signing key part of Master key

2019-02-25 Thread Daniel Kahn Gillmor
On Sun 2019-02-24 19:53:53 +, Farhan Khan via Gnupg-users wrote:
> I was under the impression that best practice was to keep the master
> key offline in cold storage.

"best practice" for some is "unusable complexity" for others :) If it
works for you, it's probably not unreasonable to keep the primary key
offline in cold storage.  But remember that what that does is to protect
the primary key itself -- if you've got subkeys that are capable of
acting as you (with the exception of making OpenPGP certifications),
those subkeys are not protected by keeping the primary key offline.

> If so, wouldn't that make having the signing key impossible to use?

sure, but there's nothing stopping an "SC-capable" primary key from
*also* certifying another S-capable subkey, and using that one, if the
primary key is kept offline.

> And if so, is it possible to remove the Signing functionality from my
> Certificate key that I already generated?

the "change-usage" subcommand to "gpg --edit-key" might be what you're
looking for.  it's documented in more recent versions of the gpg(1) man
page.

    change-usage
        Change the usage flags (capabilities) of the primary key or
        of subkeys.  These usage flags (e.g. Certify, Sign,
        Authenticate, Encrypt) are set during key creation.
        Sometimes it is useful to have the opportunity to change
        them (for example to add Authenticate) after they have been
        created.  Please take care when doing this; the allowed
        usage flags depend on the key algorithm.

Note that if you do this after having sent messages signed by the
primary key, it's not clear what the behavior will be for someone who
reads those signed messages after fetching your updated OpenPGP
certificate.  Should the message signature be invalid because the
primary key is no longer signing-capable?

Also note that OpenPGP certificates are built and updated by
aggregation.  So if you change your primary key's usage flags, that'll
simply be a new set of self-signatures that makes this change.

Anyone who wants to build a composite OpenPGP certificate from your key
material by filtering out this change can easily do so, producing a
certificate that appears to still be SC-capable.  Reasonable OpenPGP
clients that see this certificate *and* your updated one will merge them
and respect the most recent usage flags. But does everyone you
correspond with use a reasonable OpenPGP client and have access to your
updated certificate?  (exercise left to the reader…)

   --dkg



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
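
Added example, not part of the thread: a toy Python model of the aggregation behaviour described in the message above, showing which usage flags a correspondent sees depending on which self-signatures they hold. The timestamps and helper names are constructed for illustration, and "newest self-signature wins" is the behaviour the message attributes to reasonable clients.

```python
# Added example: a toy model of OpenPGP certificate aggregation.
# A self-signature is modelled as (creation_time, key_flags); the
# timestamps below are constructed for illustration.
CERTIFY, SIGN = 0x01, 0x02            # key-flag bits defined in RFC 4880

ORIGINAL = (1546300800, CERTIFY | SIGN)   # primary created as [SC]
UPDATED = (1551052800, CERTIFY)           # after "change-usage": [C] only


def merge(*copies):
    """Aggregate copies of a certificate: keep every self-signature seen."""
    merged = set()
    for copy in copies:
        merged |= set(copy)
    return merged


def effective_flags(cert):
    """Flags applied by a client that honours the newest self-signature."""
    return max(cert)[1]               # tuples sort by creation time first


def strip_newer_than(cert, cutoff):
    """Model a third party filtering later self-signatures out of a copy."""
    return {sig for sig in cert if sig[0] <= cutoff}


def describe(cert):
    """Render the effective flags as the letters gpg shows, e.g. 'SC'."""
    flags = effective_flags(cert)
    return "".join(c for bit, c in ((SIGN, "S"), (CERTIFY, "C")) if flags & bit)


def views():
    """What each correspondent concludes about the primary key."""
    published = merge([ORIGINAL], [UPDATED])
    filtered = strip_newer_than(published, ORIGINAL[0])
    return {
        "only the old copy": describe({ORIGINAL}),
        "filtered copy": describe(filtered),
        "old copy merged with update": describe(merge({ORIGINAL}, published)),
        "filtered copy merged with update": describe(merge(filtered, [UPDATED])),
    }


if __name__ == "__main__":
    for who, caps in views().items():
        print(f"{who:34} -> [{caps}]")
```
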


Re: Why Signing key part of Master key

2019-02-24 Thread Kristian Fiskerstrand
On 2/24/19 8:34 PM, Farhan Khan via Gnupg-users wrote:
> Hi all,
> 
> I am still working on setting up the "perfect" setup. When I created
> the master, it was [SC]. I question, why is the signing key part of
> the master key? Why not have it be a subkey? Almost everywhere I
> looked, the two were a single key except this site
> (http://openpgpblog.tumblr.com/post/219954494/photos-on-pgp-keys). In
> my own tests the signing functionality worked the same when the
> signing key was a subkey versus a part of the master.
> 
> Are there any advantages or disadvantages either way?
> 
> Thank you,

it's mostly a sensible default as people tend to keep key material on
disk on online computers to begin with.. the benefits of a separate
primary normally come out in scenarios with stronger security
requirements, at which point the manual interaction required to set it
up isn't the biggest hurdle anyways, but actually keeping up with
operational security is.

(note, it's not the SC capable primary that is the issue to begin with,
but actually keeping it isolated, the primary will always be able to
become signing-capable anyways by updating the flags on its self-signature)

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws





Re: Why Signing key part of Master key

2019-02-24 Thread Farhan Khan via Gnupg-users
February 24, 2019 2:39 PM, "Kristian Fiskerstrand" wrote:

> On 2/24/19 8:34 PM, Farhan Khan via Gnupg-users wrote:
> 
>> Hi all,
>> 
>> I am still working on setting up the "perfect" setup. When I created
>> the master, it was [SC]. I question, why is the signing key part of
>> the master key? Why not have it be a subkey? Almost everywhere I
>> looked, the two were a single key except this site
>> (http://openpgpblog.tumblr.com/post/219954494/photos-on-pgp-keys). In
>> my own tests the signing functionality worked the same when the
>> signing key was a subkey versus a part of the master.
>> 
>> Are there any advantages or disadvantages either way?
>> 
>> Thank you,
> 
> it's mostly a sensible default as people tend to keep key material on
> disk on online computers to begin with.. the benefits of a separate
> primary normally come out in scenarios with stronger security
> requirements, at which point the manual interaction required to set it
> up isn't the biggest hurdle anyways, but actually keeping up with
> operational security is.
> 
> (note, it's not the SC capable primary that is the issue to begin with,
> but actually keeping it isolated, the primary will always be able to
> become signing-capable anyways by updating the flags on its self-signature)
> 
> --
> 
> Kristian Fiskerstrand
> Blog: https://blog.sumptuouscapital.com
> Twitter: @krifisk
> 
> Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
> 
> Corruptissima re publica plurimæ leges
> The greater the degeneration of the republic, the more of its laws

I was under the impression that best practice was to keep the master
key offline in cold storage. If so, wouldn't that make having the
signing key impossible to use?

And if so, is it possible to remove the Signing functionality from my
Certificate key that I already generated?

---
Farhan Khan



Re: Why Signing key part of Master key

2019-02-24 Thread Michał Górny
On Sun, 2019-02-24 at 19:34 +, Farhan Khan via Gnupg-users wrote:
> Hi all,
> 
> I am still working on setting up the "perfect" setup. When I created
> the master, it was [SC]. I question, why is the signing key part of
> the master key? Why not have it be a subkey? Almost everywhere I
> looked, the two were a single key except this site
> (http://openpgpblog.tumblr.com/post/219954494/photos-on-pgp-keys). In
> my own tests the signing functionality worked the same when the
> signing key was a subkey versus a part of the master.
> 
> Are there any advantages or disadvantages either way?
> 

Gentoo policy [1] requires a split signing subkey.  The main advantage
is that you can then store the primary key offline, and not have it
exposed the same way subkeys are.

[1]:https://www.gentoo.org/glep/glep-0063.html

-- 
Best regards,
Michał Górny
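
Added example, not part of the thread and not Gentoo's own tooling: a Python check over `gpg --list-secret-keys --with-colons` output that reports whether the primary key is signing-capable, whether its secret part is present on the machine, and whether a usable signing subkey exists. The two listings are constructed samples; the field positions are taken from GnuPG's doc/DETAILS and the function names are hypothetical.

```python
# Added example: audit `gpg --list-secret-keys --with-colons` output.
# Field positions per GnuPG's doc/DETAILS: 2 = validity, 12 = capabilities,
# 15 = '#' when only a stub of the secret key is present.
# Both listings below are constructed samples, not real keys.
ALL_IN_ONE = """\
sec:u:4096:1:1111111111111111:1550000000:::u:::scESC:::+:::23::0:
ssb:u:4096:1:2222222222222222:1550000000::::::e:::+:::23:
"""
SPLIT = """\
sec:u:4096:1:3333333333333333:1550000000:::u:::cESC:::#:::23::0:
ssb:u:4096:1:4444444444444444:1550000000::::::s:::+:::23:
ssb:u:4096:1:5555555555555555:1550000000::::::e:::+:::23:
"""


def parse_keys(listing):
    """Return one dict per sec/ssb record in colon-format output."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb") or len(f) < 15:
            continue
        keys.append({
            "primary": f[0] == "sec",
            "keyid": f[4],
            "usable": f[1] not in ("r", "e", "i"),  # revoked/expired/invalid
            # Lowercase letters are this key's own flags; uppercase letters
            # on the primary summarise the whole certificate.
            "caps": {c for c in f[11] if c.islower()},
            "secret_here": f[14] != "#",
        })
    return keys


def audit(listing):
    """List deviations from an offline, certify-only primary key setup."""
    keys = parse_keys(listing)
    primary = next(k for k in keys if k["primary"])
    subs = [k for k in keys if not k["primary"] and k["usable"]]
    findings = []
    if "s" in primary["caps"]:
        findings.append("primary key is signing-capable")
    if primary["secret_here"]:
        findings.append("primary secret key is present on this machine")
    if not any("s" in k["caps"] and k["secret_here"] for k in subs):
        findings.append("no usable signing subkey with secret material here")
    return findings
```
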




Why Signing key part of Master key

2019-02-24 Thread Farhan Khan via Gnupg-users
Hi all,

I am still working on setting up the "perfect" setup. When I created
the master, it was [SC]. I question, why is the signing key part of the
master key? Why not have it be a subkey? Almost everywhere I looked,
the two were a single key except this site
(http://openpgpblog.tumblr.com/post/219954494/photos-on-pgp-keys). In
my own tests the signing functionality worked the same when the signing
key was a subkey versus a part of the master.

Are there any advantages or disadvantages either way?

Thank you,

---
Farhan Khan
