gnupg and subkeys
David Shaw
dshaw@jabberwocky.com
Wed Jan 8 20:24:02 2003
On Wed, Jan 08, 2003 at 07:54:49PM +0100, Werner Koch wrote:
> On 08 Jan 2003 15:06:46 +0100, Adrian 'Dagurashibanipal' von Bidder said:
>
> > When I have two secret keys differing in the subkeys (or in the presence
> > of the primary), gpg can't import both secret keys to produce one merged
> > secret key. After the first secret key import, it will always say
>
> You mean you already have a secret key with a dummy primary one
> (created using --export-secret-subkeys) and then you try to import the
> the full secret key. This is indeed poossible. The workaround is to
> delete the existing key first. It does not make much sense to merge
> secret keys because we assume that you always know where your most
> recent and up to date secret key is stored.
I think what he means is:
Given secret key A, with subkeys A1 and A2, if you import "A+A1", you
can not then import "A+A2" to create "A+A1+A2". You can only do that
with public keys. For secret keys, you need to use gpgsplit and
manually assemble "A+A1+A2" for import.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson