Certification signatures on subkeys
David Shaw
dshaw at jabberwocky.com
Wed Jan 30 19:46:10 CET 2008
On Wed, Jan 30, 2008 at 10:44:26AM -0500, Mihai Ibanescu wrote:
> Hi,
>
> I noticed something strange on a key I imported:
>
> http://pool.sks-keyservers.net:11371/pks/lookup?search=0x10FA4CD1&op=vindex
>
> As you can see, the subkey has certification (type 0x10-0x13) signatures on
> its subkey.
>
> At least the way I read RFC4880, the only types of signatures that should be
> present on a subkey are key binding or revocation signatures.
That is correct.
The key is a little bit mangled. GPG ignores 0x10-0x13 signatures on
subkeys, as they are not allowed there.
David
More information about the Gnupg-devel
mailing list