Certification signatures on subkeys

Mihai Ibanescu misa at rpath.com
Wed Jan 30 16:44:26 CET 2008


I noticed something strange on a key I imported:


As you can see, the subkey has certification (type 0x10-0x13) signatures on
its subkey.

At least the way I read RFC4880, the only types of signatures that should be
present on a subkey are key binding or revocation signatures.

Am I missing something?

If this is a valid scenario, can someone point me to a spec with a description
of how the certification signature is hashed in this case? RFC4880 indicates
only how it gets hashed when attached to a User ID or User Attribute case.


PS apologies if this doesn't belong to gnupg-devel.

More information about the Gnupg-devel mailing list