I d like to have multiple signing key in my certificate

Jean-Jacques Brucker jeanjacquesbrucker at gmail.com
Thu Apr 7 21:23:31 CEST 2011 

Hi, I wanted to hold multiple signing key in my certificate, so I created 2 sub-keys with the sign flag. But I am unable to choose the key I want to use to sign : I have tried to specify the signing key I want to use with the --local-user option, eg.: 

$ gpg2 --detach-sign -u 96193F28 M.C.jpg
$ gpg2 --detach-sign -u 7CFD0EC7 M.C.jpg

But both signatures use the last signing key in my certificate. (ie. 7CFD0EC7).

Is there a way to tel gpg (i still use v. 2.0.13... i will compile the git version soon) to sign with a specific key in a certificate ?

Thx.


 ----

I have an other question, but concerning the RFC4880 : There is a lot of reserved subpacket type for signature. Why so many ?
In fact I would like to make signing chain, there is a subpacket type for "Issuer", but none for "Recipient" which make sense in a signing chain. Was a reserved type used for "Recipient" which we could reuse for signing chain ? (17 ?)

(I see the subpacket type for embedded signature  but it is useless for what I'd like to do).

---- BEGIN of the RFC4880 extract ---- ;-)

   The value of the subpacket type octet may be:

            0 = Reserved
            1 = Reserved
            2 = Signature Creation Time
            3 = Signature Expiration Time
            4 = Exportable Certification
            5 = Trust Signature
            6 = Regular Expression

Callas, et al               Standards Track                    [Page 25]
RFC 4880                 OpenPGP Message Format            November 2007

            7 = Revocable
            8 = Reserved
            9 = Key Expiration Time
           10 = Placeholder for backward compatibility
           11 = Preferred Symmetric Algorithms
           12 = Revocation Key
           13 = Reserved
           14 = Reserved
           15 = Reserved
           16 = Issuer
           17 = Reserved
           18 = Reserved
           19 = Reserved
           20 = Notation Data
           21 = Preferred Hash Algorithms
           22 = Preferred Compression Algorithms
           23 = Key Server Preferences
           24 = Preferred Key Server
           25 = Primary User ID
           26 = Policy URI
           27 = Key Flags
           28 = Signer's User ID
           29 = Reason for Revocation
           30 = Features
           31 = Signature Target
           32 = Embedded Signature
   100 To 110 = Private or experimental

---- END of the RFC4880 extract ----

Thx for all.

-- 
Jean-Jacques B.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110407/64703e66/attachment.pgp>

More information about the Gnupg-devel mailing list