secret keys and public keys

David Shaw dshaw at jabberwocky.com
Thu Oct 16 20:20:05 CEST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Oct 13, 2003 at 01:49:39PM -0700, Russell O'Connor wrote:
> [To: gnupg-users at gnupg.org]
> 
> 1. Are there tools to take a subkey from one key and transfer it to be the
> subkey of another key, or do I have to write my own?

You have to write your own, though 'gpgsplit' is helpful in getting
the packets together.  You can of course modify the GnuPG code to help
you do this - see in particular sign.c and keygen.c.

> 2. Why is it that GnuPG will refuse to decrypt using a secret key if there
> is no corresponding public key in one's public key ring?

Some of the information about a keypair is stored in the public key.
It is not strictly necessary (all secret keys contain the correponding
public key anyway), but given the design of GnuPG it works out that
way.  Future versions of GnuPG may not require this.

You can create a public key from a secret key if you like.  GnuPG
1.3.1 and later do this automatically when you import a secret key.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.4-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iHEEARECADEFAj+PJ6UqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJ5PoAoNaMCDDgsUECisWxjLS3pco/3RM+AJ0f
m00Y8+wkm15kwh02JU1dks3KLA==
=5hAs
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list