I d like to have multiple signing key in my certificate
John Clizbe
John at enigmail.net
Thu Apr 7 21:50:22 CEST 2011
Jean-Jacques Brucker wrote:
> Hi, I wanted to hold multiple signing key in my certificate, so I created 2 sub-keys with the sign flag. But I am unable to choose the key I want to use to sign : I have tried to specify the signing key I want to use with the --local-user option, eg.:
>
> $ gpg2 --detach-sign -u 96193F28 M.C.jpg
> $ gpg2 --detach-sign -u 7CFD0EC7 M.C.jpg
>
> But both signatures use the last signing key in my certificate. (ie. 7CFD0EC7).
>
> Is there a way to tell gpg (i still use v. 2.0.13... i will compile the git
> version soon) to sign with a specific key in a certificate ?
IIRC, GnuPG will use the newest valid capable subkey to sign.
From the man papge:
> Note that you can append an exclamation mark (!) to key IDs or finger-
> prints. This flag tells GnuPG to use the specified primary or sec-
> ondary key and not to try and calculate which primary or secondary key
> to use.
So your example commands become:
$ gpg2 --detach-sign -u 0x96193F28! M.C.jpg
$ gpg2 --detach-sign -u 0x7CFD0EC7! M.C.jpg
-John
--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 886 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110407/45ca5553/attachment.pgp>
More information about the Gnupg-devel
mailing list