v3 subkeys and signatures (was: Using second keyring may be)
David Shaw
dshaw at jabberwocky.com
Sat Jun 23 15:21:05 CEST 2012
On Jun 23, 2012, at 2:49 AM, Georgi Guninski <guninski at guninski.com> wrote:
> On Fri, Jun 22, 2012 at 12:40:23PM -0400, David Shaw wrote:
>>
>> .... V3 can't be a primary and have subkeys of their own)
>
>
> This is not entirely correct.
>
> Technically v3 may have subkeys (after patching gpg) - check the
> keyring "fake4" that I posted on this list.
Yes. Werner and I were discussing this in the context of the OpenPGP spec. In OpenPGP, v3 keys cannot have subkeys (it's in section 11 - "V3 keys MUST NOT have subkeys"). GPG actually allowed this for a while until the spec was changed. If you patch the code, you can of course make it do anything you want :)
> Not sure if v3 subkeys are usable though - maybe gpg needs more
> patching to sign with them.
They should be (at least in 1.4 they were). I haven't tried it in 2.x recently.
David
More information about the Gnupg-devel
mailing list