subkeys and key flags
Peter Palfrader
gnupg-users=gnupg.org at lists.palfrader.org
Sun Nov 30 18:36:14 CET 2003
I noticed that GnuPG used to sign other keys using subkeys, at least
with ElGamal sign and encrypt subkeys[1].
What semantics does a lack of key flags[2] have? Does it mean that the
(sub)key is good for all purposes, including certifying other keys?
If yes, how do I create a signing subkey that only may be used to sign
data/communications? Is it possible to ammend the keyflags by adding a
new self signature to a subkey? (I suppose so, if yes, how do I do it?)
Am I correct when thinking that a subkey that may be used to certify
other keys may not be used to sign subkeys? iow: is the primary key the
only one that can bind subkeys to the primary key?
Looking forward to your answers,
Peter
1: for instance 2F6DD073 signed 94C09C7F.
2: RFC2440: 5.2.3.20
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20031130/3f88be49/attachment.bin
More information about the Gnupg-users
mailing list