Expiry bug (can convert v3 key to current?)

Len Sassaman rabbi@quickie.net
Tue Jul 3 00:00:01 2001


On 2 Jul 2001, Werner Koch wrote:


> || On Sat, 30 Jun 2001 14:59:40 -0700 (PDT)
> || Len Sassaman <rabbi@quickie.net> wrote:
>
> ls> Erm, wait a second. I read that a little too fast.
> ls> Werner, what's going on here?
>
> The specs only say that the primary key must be capable of signing.
> There is nothing in it to forbid a signing-only subkey. In fact it
> has always been possible to create a DSA subkey with GnuPG.
That's correct -- in fact, I think it's even explicitly mentioned in the specs... but I fear that this will cause more confusion for the users, and add little advantage. How does GnuPG handle signing subkey selection?
> I agree that gpg has the bug to ask for some properties (size of key)
> and later ignores the values because they make no sense for DSA.
Yep. __ Len Sassaman Security Architect | Technology Consultant | "Let be be finale of seem." | http://sion.quickie.net | --Wallace Stevens