Felix E. Klee wrote: > I've a couple of newbee questions concerning sub keys: > > * Aside from convenience, is there any difference between a sub key and > an ordinary key signed with the master key? >
A subkey cannot issue a certification signature - at least not in any known implementations. > * Can such an ordinary key be transformed into a sub key? > Yes, with difficulty. See http://atom.smasher.org/gpg/gpg-migrate.txt for details. > * Since when (date and version) does PGP and since when does GnuPG > support signing sub keys? I ask because I read that old versions, at > least of PGP, support only encryption sub keys, not signing sub keys. > PGP 8 supports signing subkeys; no other offical version of PGP before then does. It's possible that 6.5.8ckt and 2.6.3ia supported them as well. > * Are signing sub keys part of the OpenPGP standard? > Yes. They wouldn't be in GPG if they weren't. > * One can include any number of sub keys into a key, right? I ask > because I recall reading that there was/is some problem with key > servers and sub keys. > PKS keyservers (pre version 0.9.6) had a bug that mangled keys with multiple subkeys. Fortunately they are mostly SKS and/or newer than this now. However, most versions of PGP will ignore the key flags on an RSA subkey, so you may end up getting messages encrypted to your signing subkeys. > If there is any good documentation on sub keys, aside from technical > specifications (such as RFC 2440), then please let me know. > Adrian von Bidder wrote an excellent tutorial on subkeys at <http://fortytwo.ch/gpg/subkeys>. -- Alphax Death to all fanatics! Down with categorical imperative! OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users