re-issuing subkey binding signatures with alternate digests
David Shaw
dshaw at jabberwocky.com
Tue May 5 04:18:39 CEST 2009
On May 4, 2009, at 6:52 PM, Daniel Kahn Gillmor wrote:
> On 05/04/2009 03:21 PM, David Shaw wrote:
>> Are there many subkey binding signatures using MD5? Talking about
>> subkeys at all means we're talking about something closer to OpenPGP,
>> which implies SHA-1 to me.
>
> I have no idea how many there are, actually. But if it makes more
> sense, imagine planning against the SHA-1 weaknesses instead, a few
> years down the road. As people start to jump ship from SHA-1 by
> explicitly distrusting all signatures made under that hash, your old
> SHA-1 subkey binding will become suspect, even if your key doesn't
> need
> to be revoked.
There are currently no means to do this with GPG (or other OpenPGP
programs, so far as I know). The generally accepted way to deal with
this sort of problem is to make a new subkey. After all, you would
have to re-distribute your key to give everyone the new binding
signature anyway, so you may as well distribute a new subkey. Subkeys
are very cheap.
David
More information about the Gnupg-devel
mailing list