using various subkeys

Werner Koch wk@gnupg.org
Tue Aug 20 17:31:01 2002


On 20 Aug 2002 16:37:20 +0200, Adrian 'Dagurashibanipal' von Bidder said:

>  - import this into a new keyring and delete the encryption subkey.
>    (the primary secret key contains no cryptographical data, right?)

Correct it is just a stub marked with the ID for a private key
protection algorithm which is the most secure cipher one can create -
there is no data at all.

>  - it would be nice if --export-secret-subkeys would accept the
>    <subkey-id>! syntax and only export a stripped secret key with that
>    subkey. 

Makes sense.

>  - It should be made really clear that the primary of such a key is a
>    dummy and does not contain the secret key (--list-secret-keys
>    output etc.).

With --list-packets you will notice a "gnu-dummy S2K" for the primary
secret key.

> Possible issues - I hope I understand this correctly:
>  - Keyservers will not work with my new key. (Except LDAP)

Because most can't cope with more than one subkey.

>  - PGP users can verify such signatures from version ???

Afaik, current PGP versions can't verify - you have to hope for PGP 8.

>  - gpg users can verify such signatures from version ???

Since ever I would say.

>  - There is no way to tie a subkey to a userid (if I were to
>    use encryption subkeys, this would be a hint 'if you mail me
>    at this address, use that subkey).

Correct.  User IDs belong top the primary key.

>  - if the subkey is compromised, the attacker can sign documents with 
>    it (of course).

Yes.

>  - if the subkey is compromised, the attacker can sign other keys with
>    it (I believe. Or can a key only be signed with the primary?)

No.  There used to be a bug in an older GnuPG versions which accidently
used a signing subkey for signing user IDs.  But this affected only
very few keys and GnuPG won't verify these key signatures anymore.

>  - If I were to import a dummy-primary key into my master keyring, gpg
>    merges the keys just right.

I hope so.

>  - all this does not affect the management of the user ids in any
>  way.

Correct.

>  - when the primary secret key is available, gpg will by default use
>    it and not the additional signing subkey.

GnuPG always tries to use a subkey first, the primary key is the last
resort.  An exception is key signing where only the primary key is
used.



Shalom-Salam,

   Werner