Can signing subkeys certify keys?

David Shaw
Mon Nov 18 20:39:01 2002

On Mon, Nov 18, 2002 at 05:01:23PM +0100, Konrad Podloucky wrote:
> Hi folks,
> I recently generated a new key with 2 subkeys. One for signing and one
> for encryption. The primary key is kept in a safe place and never used
> to sign any data. However I wasn't able to figure out how I could
> certify keys with my signature subkey although in the --with-colons
> listing it shows up as being able to sign and certify. 
> Is this a limitation of the OpenPGP standard, of gpg, simply a bad idea
> and therefore not implemented or have I just been blind?

The OpenPGP standard does not specify a trust model, so you can
theoretically use a signing subkey for anything you like.  However, as
a practical matter it is not a good idea.  The web of trust is built
by signatures from primaries on primaries, so a subkey signature would
not be usable as part of the web of trust.  Because of this, signing
subkeys are only permitted to sign data and not other keys.

The --with-colons listing is incorrect here, and has been fixed for
the next release of GnuPG.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson