v4 rsa subkey peculiarity

vedaal at hush.com
Wed Feb 11 07:13:02 CET 2004

when trying to sign with my v4 rsa key, gnupg intentionally uses the
encryption subkey instead of the primary

there was no change in the expiration dates or addition/deletion/alteration
of subkeys

this is the gpg output when trying to sign
(without the ! after the keyid):

c:\gnupg>gpg -u 6A589A97 --clearsign a:\g1.txt

gpg: using secondary key 04ADEE20 instead of primary key 6A589A97

You need a passphrase to unlock the secret key for
user: "vedaal nistar <vedaal at hotmail.com>"
gpg: using secondary key 04ADEE20 instead of primary key 6A589A97
4096-bit RSA key, ID 04ADEE20, created 2001-04-26 (main key ID 6A589A97)

Enter passphrase:

it works fine when adding the ! after the keyid

what is the correct syntax to list this preference as an option in gpg.conf?

(have tried:
-u 0x6A859A97!

both of which are not recognized as valid options

upon further examination of this particular v4rsa key,
it turns out that both the subkey and the master key are 'encrypt and
sign', whereas other v4rsa key subkeys are 'encrypt only'

is there something about this that would affect how gnupg recognizes
the key?

(the key was generated in ckt when pgp7 first introduced v4rsa keys,
and, as pgp7 was not open source, i generated mine in ckt.

apparently, the ckt v4rsa design simply copied the v3 design in this
aspect, and made the subkey and master equally capable

can send/post a test v4rsa key of this type, if anyone is interested



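An added example, not part of the original post and not GnuPG's own code: it reads the capability field (field 12) of `gpg --with-colons --list-keys` output and models why a signing-capable subkey is chosen over the primary when the key ID is given without `!`. The listings are constructed, and the key-ID padding, timestamps, capability letters on the pub line and the selection rule as written here are assumptions.

```python
# Constructed listings in the `gpg --with-colons --list-keys` layout.
# Short key IDs and the 2001-04-26 date come from the post; the leading
# 00000000 padding, the primary key's date and the capability letters on
# the pub line are assumptions. TYPICAL is entirely made up.
CKT_STYLE = """\
pub:u:4096:1:000000006A589A97:988243200:::u:::escESC:
sub:u:4096:1:0000000004ADEE20:988243200::::::es:
"""
TYPICAL = """\
pub:u:4096:1:00000000AAAAAAAA:988243200:::u:::scESC:
sub:u:4096:1:00000000BBBBBBBB:988243200::::::e:
"""


def parse_keys(listing):
    """Return pub/sub records with their own (lowercase) capabilities."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub") and len(f) > 11:
            keys.append({"type": f[0], "keyid": f[4], "created": int(f[5]),
                         "caps": {c for c in f[11] if c.islower()}})
    return keys


def signing_choice(keys):
    """Simplified model (assumption): the newest signing-capable subkey
    wins; the primary is used only when no subkey can sign. Validity,
    expiry and revocation are ignored here."""
    subs = [k for k in keys if k["type"] == "sub" and "s" in k["caps"]]
    if subs:
        return max(subs, key=lambda k: k["created"])["keyid"]
    prim = [k for k in keys if k["type"] == "pub" and "s" in k["caps"]]
    return prim[0]["keyid"] if prim else None


def dual_use_subkeys(keys):
    """Subkeys flagged for both encryption and signing."""
    return [k["keyid"] for k in keys
            if k["type"] == "sub" and {"e", "s"} <= k["caps"]]


if __name__ == "__main__":
    for name, listing in (("ckt-style", CKT_STYLE), ("typical", TYPICAL)):
        keys = parse_keys(listing)
        print(name, "signs with", signing_choice(keys),
              "| dual-use subkeys:", dual_use_subkeys(keys))
```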