using subkey signatures

Adrian 'Dagurashibanipal' von Bidder avbidder at
Mon Sep 2 15:44:01 CEST 2002


It just came to my attention (thanks Matthew) that gpg can't
auto-retrieve a key if the signature was made by a subkey, since the
main keyid is not contained in the signature package at all.

Is there some work done to make this work?
 - the keyserver could index the subkey id's, too or
 - the primary keyid could be included in the signature somehow
(NOTATION subpacket?)

gpg of course would need to parse this.

I'll do the 2nd for now, although I feel the first would be 'cleaner'
(although I don't know why, really).

Hmmm... I understand that the proposed way to define a local notation is
<name>@<site>=..., so the probability of namespace conflict is
minimized. gpg won't let me do this. (1.0.7, that is.)

-- vbi

secure email with gpg              

NOTICE: is known to carry a valid copy of my key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 440 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020902/67cf5cba/attachment.bin

More information about the Gnupg-devel mailing list