[Q] Multiple signing keys

David Shaw dshaw@jabberwocky.com
Thu May 15 14:23:02 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 15, 2003 at 03:42:15AM -0400, Dennis Lambe Jr. wrote:
> On Wed, 2003-05-14 at 14:48, Werner Koch wrote:
> > On 13 May 2003 22:42:32 -0400, Dennis Lambe said:
> >=20
> > > As far as I can tell, your primary key is the only one which can be u=
> > > to sign other keys, but I'd like to hear from some more knowledgable
> > > people on that point.
> >=20
> > Correct.  The primary key is used to bound the user IDs as well as
> > secondary keys to the primary key.  So it is _kind of_ a master key.
> Yes.  This I already knew.  What I'm curious about is whether it's
> possible to use a subkey to sign /other people's/ keys.

Technically yes.  A signing subkey can sign any data, and a key is
just data underneath it all.  However, in reality such signatures are
not part of the web of trust and are not generated.  Key signatures
are made only with the primary key.


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc