Why subkeys?

David Champion dgc@uchicago.edu
Fri Oct 11 17:28:02 2002


* On 2002.10.10, in <20021011020603.GC1373@stonewall>,
*	"Brian M. Carlson" <bmc@crustytoothpaste.ath.cx> wrote:
> 
> Subkeys can be revoked independently of each other and independently of
> the primary key. They can also be set to expire after a certain time.
> Some keyservers (notably pksd < 0.9.6) tend to butcher keys with
> multiple subkeys.

I'm interested in making better use of subkeys. (I would have begun
already if I could attach extant primary keys as subkeys, rather
than having to go through the whole business of retiring one key and
replacing its functionality with another. I'd love to see that directly
supported in gpg, since I'm not sure I understand the bit-tweaking you
have to do if you manually reorder packets.)

I've long heard about certain servers' habits of munging subkeys,
though. This doesn't bother me much if I can just deprecate those
servers, but can I ensure that the correct key gets onto the servers
which fully support subkeys, without intra-keyserver propagations
transmitting a bungled copy of my key? What's the risk -- should I just
not upload such a key to the servers at this time?

-- 
 -D.			We establised a fine coffee. What everybody can say
 Sun Project, APC/UCCO	TASTY! It's fresh, so-mild, with some special coffee's
 University of Chicago	bitter and sourtaste. "LET'S HAVE SUCH A COFFEE! NOW!"
 dgc@uchicago.edu	Please love CAFE MIAMI. Many thanks.