I d like to have multiple signing key in my certificate

John Clizbe John at enigmail.net
Thu Apr 7 21:50:22 CEST 2011

Jean-Jacques Brucker wrote:
> Hi, I wanted to hold multiple signing key in my certificate, so I created 2 sub-keys with the sign flag. But I am unable to choose the key I want to use to sign : I have tried to specify the signing key I want to use with the --local-user option, eg.: 
> $ gpg2 --detach-sign -u 96193F28 M.C.jpg
> $ gpg2 --detach-sign -u 7CFD0EC7 M.C.jpg
> But both signatures use the last signing key in my certificate. (ie. 7CFD0EC7).
> Is there a way to tell gpg (i still use v. 2.0.13... i will compile the git
> version soon) to sign with a specific key in a certificate ?

IIRC, GnuPG will use the newest valid capable subkey to sign.

From the man papge:
>        Note that you can append an exclamation mark (!) to key IDs or  finger-
>        prints.   This  flag  tells  GnuPG to use the specified primary or sec-
>        ondary key and not to try and calculate which primary or secondary  key
>        to use.

So your example commands become:

$ gpg2 --detach-sign -u 0x96193F28! M.C.jpg
$ gpg2 --detach-sign -u 0x7CFD0EC7! M.C.jpg


John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 886 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110407/45ca5553/attachment.pgp>

More information about the Gnupg-devel mailing list