using various subkeys
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Tue Aug 20 16:36:01 2002
--=-2RZL6qjtlQRPmswKTFWI
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Yo!
In a recent thread I picked up the idea of using multiple subkeys
instead of entirely different key pairs. I just want to be sure I
understand all implications of what I want to do - no need to get my
keys killed...
Basically I have a computer at home, regarded secure, and computers that
are less secure. Primary concern is signing, I rarely use encryption. I
want to use the same key everywhere without letting somebody compromise
my primary key.
So I
- generate a key with the default settings (DSA/ElG)
- add a second subkey (DSA)
- --export-secret-subkeys
- import this into a new keyring and delete the encryption subkey.
(the primary secret key contains no cryptographical data, right?)
- transfer this keyring onto the not-so-secure machine and use it just
as I would a normal key. gpg automatically selects the signing subkey
to sign, as it cannot use the primary one.
Wishlist items:=20
- it would be nice if --export-secret-subkeys would accept the
<subkey-id>! syntax and only export a stripped secret key with that
subkey.=20
- It should be made really clear that the primary of such a key is a
dummy and does not contain the secret key (--list-secret-keys
output etc.).
Possible issues - I hope I understand this correctly:
- Keyservers will not work with my new key. (Except LDAP)
- PGP users can verify such signatures from version ???
- gpg users can verify such signatures from version ???
- There is no way to tie a subkey to a userid (if I were to
use encryption subkeys, this would be a hint 'if you mail me
at this address, use that subkey).
- if the subkey is compromised, the attacker can sign documents with=20
it (of course).
- if the subkey is compromised, the attacker can sign other keys with
it (I believe. Or can a key only be signed with the primary?)
- If I were to import a dummy-primary key into my master keyring, gpg
merges the keys just right.
- all this does not affect the management of the user ids in any way.
- when the primary secret key is available, gpg will by default use
it and not the additional signing subkey.
Comments? I think I will document this setup with its pros and cons
compared with just using multiple keypairs. Once I am sure that I want
to implement it, that is.
cheers
-- vbi
--=20
secure email with gpg http://fortytwo.ch/gpg
--=-2RZL6qjtlQRPmswKTFWI
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9YlQgwj49sl5Lcx8RAoC6AKCMT3UDzKvPw2DNQ1UeimmTJDm/CQCeLW2u
UbCEzcXD+xQpssn3sPKLulk=
=HeDF
-----END PGP SIGNATURE-----
--=-2RZL6qjtlQRPmswKTFWI--