implications of subkeys?
David Shaw
dshaw@jabberwocky.com
Fri Mar 1 20:48:01 2002
On Wed, Feb 27, 2002 at 03:59:15PM -0800, Len Sassaman wrote:
> If a key A bearing a given user-id signs a key B with an identicial
> user-id (and the signature is made on that identical user id) then trust
> for key B is calculated as though all the signatures for this shared
> user-id on key A were made on key B. This was introduced around the time
> of PGP 3.0, to prevent an RSA/DSA divide in the web of trust.
I heard about this a few months ago (I think you were the one who told
me, actually), but I don't really see a large benefit here. All it
means is that your new key is one certification depth "hop" closer
than it would be otherwise. Is that really such a big benefit?
GnuPG does not do this, incidentally.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson