Key version games (was Re: problem with exporting subkeys)

David Shaw dshaw@jabberwocky.com
Thu Feb 28 20:16:01 2002


On Thu, Feb 28, 2002 at 08:52:50PM +0200, disastry@saiknes.lv wrote:
> > We should construct such a key and see if any programs break with it.
> > Where did you see it?
> 
> I have one on my keyring, I put it on web page at
> http://disastry.dhs.org/pgp/testkeys/testv3withsubkey.asc
> 
> I don't remember from where I got this key, but I don't think
> that I generated it myself, because it have passphrase "test"
> (all may test keys have passphrase "a" or "12345678" :) )
> 
> but I also remember seen real (not test) key belonging to some person.
> I can't find it...  it was RSAv3 key with Elgamal subkey.
> 
> GPG allows (maybe it does not allow now, but at least
> older versions allowed) to add subkeys to v3 keys.

It still allows you, but it prints a warning "creating subkeys for v3
keys is not OpenPGP compliant".  It may have warned before too.

> > Speaking of key versions - I spent some time looking at what versions
> > were permitted with what a while ago and one thing that does seem to
> > be explicitly permitted is v4 keys with v3 subkeys.  I did test this
> > and PGP supports it (though this may be accidental support).  GnuPG
> > 1.0.6 only partially supports it, but I fixed that in 1.0.7.
> > 
> > Florian, this can give you the unchangeable expiration date that you
> > wanted, if you're willing to accept the restrictions (RSA only, etc.)
> > on v3 keys :)
> 
> btw, v3 subkeys are (seems to be) allowed too,
> section 5.5.2. Public Key Packet Formats
>    "A version 3 public key or public subkey packet contains:"

That's what I just said - one paragraph up.  I can't see any really
good use for it except that v3 (sub)keys have a fixed expiration date
that cannot be changed in the binding self-sig.  That's why I thought
Florian would be interested, since he wanted that feature.

I suppose it would be handy for someone who had a lot of v3 keys to
gather them together into one key, but that really doesn't give you
anything useful.

> some time ago I did some experiments - added key to other key as subkey,
> and converted subkey to key :) it worked.

Yes.  I tried that once as well.  I was thinking it would be an
interesting solution for wanting a signing subkey, but since PGP
couldn't verify a signature from a signing subkey, I made my signing
subkey into a regular v4 key for PGP folks. :)

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson