Question on subkeys usage and OpenPGP card. - warning, quite lengthy

Neal Dudley neal.dudley at utoledo.edu
Tue Mar 4 07:07:19 CET 2008 

Sounds like I should just regenerate a new 1024 bit RSA primary signing key
and copy it to the card (and an encryption subkey as well, of course).

Thank you for your help!


On 3/3/08 7:47 PM, "David Shaw" <dshaw at jabberwocky.com> wrote:

> On Mar 3, 2008, at 4:59 PM, Neal Dudley wrote:
> 
>> I have read that it is good practice to create a primary signing
>> key, and
>> then use subkeys on the card.  This is the recommended method for
>> setup of
>> the FSFE card, which is just a fancy skin on the OpenPGP card.  My
>> problem
>> is that now I have a DSA primary key on trusted media in a safe
>> location,
>> which I have to retrieve for any key signing I want to perform.  I
>> cannot
>> simply sign the keys with the signing subkey stored on my OpenPGP
>> card.
>> 
>> Are there any security implications for using the same signing key for
>> normal document signing *and* key signing?
> 
> There are only minor security implications to this.  The main reason
> why you use the primary key to sign keys (called "certification", by
> the way) is semantic.  Identity in OpenPGP is a key plus a user ID.
> That key, given the way keys are laid out, is the primary.  The
> primary is what certifies (self signs) the user ID.
> 
> It is mathematically possible to certify a user ID with a subkey, but
> semantically that subkey isn't part of your identity, so the
> certification is not used.
> 
>> This brings me to my last question.  Let us assume that I create a
>> primary
>> signing key with an expiration.  I then get that key signed by several
>> people.  When the expiration date is near, do I simply create a new
>> signing
>> key and sign it with the original key (before it expires, of
>> course)?  Is
>> the new key then considered just as trusted as the original key,
>> which has
>> all the signatures on it?  Is there any method for transferring the
>> signatures to the new key, or would the new key have to be resigned by
>> everyone that signed the original?  Using the default WoT model,
>> doesn't
>> this mean that every third time the key is renewed, it would not be
>> trusted
>> and would need to be resigned by everyone that signed the previous
>> key?
> 
> No, you do not need to make a new key or do anything like that.  If
> and when your key expires, you can simply extend the expiration date
> as needed.  OpenPGP has "soft" key expiration that can be changed at
> will by the keyholder.
> 
> David
>

More information about the Gnupg-users mailing list