I d like to have multiple signing key in my certificate
jeanjacquesbrucker at gmail.com
Thu Apr 7 21:23:31 CEST 2011
Hi, I wanted to hold multiple signing key in my certificate, so I created 2 sub-keys with the sign flag. But I am unable to choose the key I want to use to sign : I have tried to specify the signing key I want to use with the --local-user option, eg.:
$ gpg2 --detach-sign -u 96193F28 M.C.jpg
$ gpg2 --detach-sign -u 7CFD0EC7 M.C.jpg
But both signatures use the last signing key in my certificate. (ie. 7CFD0EC7).
Is there a way to tel gpg (i still use v. 2.0.13... i will compile the git version soon) to sign with a specific key in a certificate ?
I have an other question, but concerning the RFC4880 : There is a lot of reserved subpacket type for signature. Why so many ?
In fact I would like to make signing chain, there is a subpacket type for "Issuer", but none for "Recipient" which make sense in a signing chain. Was a reserved type used for "Recipient" which we could reuse for signing chain ? (17 ?)
(I see the subpacket type for embedded signature but it is useless for what I'd like to do).
---- BEGIN of the RFC4880 extract ---- ;-)
The value of the subpacket type octet may be:
0 = Reserved
1 = Reserved
2 = Signature Creation Time
3 = Signature Expiration Time
4 = Exportable Certification
5 = Trust Signature
6 = Regular Expression
Callas, et al Standards Track [Page 25]
RFC 4880 OpenPGP Message Format November 2007
7 = Revocable
8 = Reserved
9 = Key Expiration Time
10 = Placeholder for backward compatibility
11 = Preferred Symmetric Algorithms
12 = Revocation Key
13 = Reserved
14 = Reserved
15 = Reserved
16 = Issuer
17 = Reserved
18 = Reserved
19 = Reserved
20 = Notation Data
21 = Preferred Hash Algorithms
22 = Preferred Compression Algorithms
23 = Key Server Preferences
24 = Preferred Key Server
25 = Primary User ID
26 = Policy URI
27 = Key Flags
28 = Signer's User ID
29 = Reason for Revocation
30 = Features
31 = Signature Target
32 = Embedded Signature
100 To 110 = Private or experimental
---- END of the RFC4880 extract ----
Thx for all.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 230 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel