Multiple sub-signingkeys
Per Tunedal
pt@radvis.nu
Wed Apr 30 09:56:01 2003
At 09:02 2003-04-28 +0200, you wrote:
>[reply on list please]
>On Saturday 26 April 2003 21:13, Per Tunedal wrote:
>
>> This crippled key can be used on an insecure computer, while your complete
>> key can be used on a secure computer. When listing secret keys for the
>> original key the primary key is shown without the #.
>>
>> You can thus easily see what secret keys are present in each keyring.
>>
>> (If I am right it might be a good idea to emphasize this on your page,
>> Adrian!)
>
>I guess you mean this part:
>+--
>| To verify that you really don't have any secret keys you don't want,
have a
>| look at the output of "gpg --list-secret-keys", your primary secret key
>| should be marked with a '#':
>+--
>
>Hmm. I'm not entirely sure what exactly you feel I should clarify. Would
>something like
>
>+--
>| ...should be marked with a '#' (this means that the 'primary key' you're
>| seeing is really only a placeholder and does not contain the secret key
>| data.):
>+--
>
>clarify it in the way you thought?
>
>cheers
>-- vbi
>
Hi Adrian,
yes that's better. But the # is not so apparent and I missed the meaning
though I read your page several times. Maybe you should mention the
opposite too:
e.g. "When listing secret keys for the
original complete key the primary key is shown without the #."
The presence/absence of the # is a very cryptical (!) way of supplying very
important information! Thus this has to be explained very thoroughly.
I would like to suggest some printout in plaintext from GPG in a future
release!
Per Tunedal