Why subkeys?

David Shaw dshaw@jabberwocky.com
Fri Oct 11 19:04:02 2002


On Fri, Oct 11, 2002 at 10:28:44AM -0500, David Champion wrote:
> * On 2002.10.10, in <20021011020603.GC1373@stonewall>,
> *	"Brian M. Carlson" <bmc@crustytoothpaste.ath.cx> wrote:
> > 
> > Subkeys can be revoked independently of each other and independently of
> > the primary key. They can also be set to expire after a certain time.
> > Some keyservers (notably pksd < 0.9.6) tend to butcher keys with
> > multiple subkeys.
> 
> I'm interested in making better use of subkeys. (I would have begun
> already if I could attach extant primary keys as subkeys, rather
> than having to go through the whole business of retiring one key and
> replacing its functionality with another. I'd love to see that directly
> supported in gpg, since I'm not sure I understand the bit-tweaking you
> have to do if you manually reorder packets.)

While it is possible, it's not a very safe thing to do if the original
primary key that you want to make into a subkey has been distributed
at all.  There can be odd problems with PGP if a primary key and
subkey on the same keyring have the same keyid.  There really isn't
much of an advantage - aside from convenience - in doing this anyway -
you don't get to keep any signatures made on the old key.

> I've long heard about certain servers' habits of munging subkeys,
> though. This doesn't bother me much if I can just deprecate those
> servers, but can I ensure that the correct key gets onto the servers
> which fully support subkeys, without intra-keyserver propagations
> transmitting a bungled copy of my key? What's the risk -- should I just
> not upload such a key to the servers at this time?

You can upload the key to one of the good keyservers:

  hkp://keyserver.kjsl.com
  ldap://keys.pgp.com
  ldap://pgp.surfnet.nl:11370

If you upload to those three first, then they will get the good copy
of the key.  They do all synchronize with the others (though
keys.pgp.com seems to be behind), so when the other keyservers learn
the key it will be corrupted on those servers, but not the good three.

Personally, I'd just not upload the key to the servers yet (which is
exactly what I did do - I have a signing subkey that isn't used yet)

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson