implications of subkeys?

David Shaw
Fri Mar 1 20:48:01 2002

On Wed, Feb 27, 2002 at 03:59:15PM -0800, Len Sassaman wrote:
> If a key A bearing a given user-id signs a key B with an identicial
> user-id (and the signature is made on that identical user id) then trust
> for key B is calculated as though all the signatures for this shared
> user-id on key A were made on key B. This was introduced around the time
> of PGP 3.0, to prevent an RSA/DSA divide in the web of trust.

I heard about this a few months ago (I think you were the one who told
me, actually), but I don't really see a large benefit here.  All it
means is that your new key is one certification depth "hop" closer
than it would be otherwise.  Is that really such a big benefit?

GnuPG does not do this, incidentally.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson