Signing with different sub-keys.

Stewart Wright
Fri May 9 21:53:02 2003

Hi All,

I am trying to work out how to have multiple signing
subkeys and sign different files with different keys. 
However, I am failing to get it to work.

Here's what I do -- perhaps someone can make a

As a test I got rid of my secring and pubring and
started from scratch generating a dummy DSA/ElGamal
key which I then added DSA and RSA signing subkeys:
pub  1024D/B37D0D59 2003-05-08 test key 1 <test@key.1>
sub  1024g/8A112A7E 2003-05-08
sub  1024D/E1A24F95 2003-05-08
sub  1024R/F2D5AAA9 2003-05-09

I then tried making a series of signings:
0) gpg --output msg0.asc --clearsign msg 
1) gpg --output msg1.asc --clearsign -u B37D0D59 msg
2) gpg --output msg2.asc --clearsign -u 8A112A7E msg
3) gpg --output msg3.asc --clearsign -u E1A24F95 msg
4) gpg --output msg4.asc --clearsign -u F2D5AAA9 msg

(Remembering that the ElGamal key 8A112A7E shouldn't
be able to sign...)

I then verified the signature using 
   gpg --verify msg0.asc

GnuPG tells me that the signatures were made with:
0) DSA key ID B37D0D59
1) RSA key ID F2D5AAA9
2) RSA key ID F2D5AAA9
3) RSA key ID F2D5AAA9
4) RSA key ID F2D5AAA9

Now, it seems that 
0) makes sense, but surely 
1) should be B37D0D59,
2) should be ???
3) is E1A24F95 and
4) F2D5AAA9

Am I doing something wrong?  Any ideas or help would
be appreciated.


Olaf - Yahoo! Mobile
- Check & compose your email via SMS on your Telstra or Vodafone mobile.