[Q] Multiple signing keys
David Shaw
dshaw@jabberwocky.com
Thu May 15 14:23:02 2003
--qM81t570OJUP5TU/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, May 15, 2003 at 03:42:15AM -0400, Dennis Lambe Jr. wrote:
> On Wed, 2003-05-14 at 14:48, Werner Koch wrote:
> > On 13 May 2003 22:42:32 -0400, Dennis Lambe said:
> >=20
> > > As far as I can tell, your primary key is the only one which can be u=
sed
> > > to sign other keys, but I'd like to hear from some more knowledgable
> > > people on that point.
> >=20
> > Correct. The primary key is used to bound the user IDs as well as
> > secondary keys to the primary key. So it is _kind of_ a master key.
>=20
> Yes. This I already knew. What I'm curious about is whether it's
> possible to use a subkey to sign /other people's/ keys.
Technically yes. A signing subkey can sign any data, and a key is
just data underneath it all. However, in reality such signatures are
not part of the web of trust and are not generated. Key signatures
are made only with the primary key.
David
--qM81t570OJUP5TU/
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc
iD8DBQE+w4bG4mZch0nhy8kRAmWmAJ0VZF+yPex4EFJuUz+Ai5pE2L7LYACfTSFU
UB9Qu+Et3NbVtUpye/aF3E8=
=KhP6
-----END PGP SIGNATURE-----
--qM81t570OJUP5TU/--