proving subkey ownership - was: Re: key-signing and stolen subkeys

David Shaw dshaw at
Mon May 24 16:28:48 CEST 2004

On Sun, May 23, 2004 at 11:50:22PM -0400, Atom 'Smasher' wrote:
> dave, your key (like my new key) is an RSA primary key with DSA and
> ElGamal subkeys.
> if someone wanted to sign such a key, should they ask that a challenge be
> signed with the primary key? or the signing subkey? or should one
> challenge per each signing key be used?

The primary key.  When you make a key signature, you sign the primary
key and the user ID.  Thus, that's the key that needs to be proved to

There is no point in challenging signing subkeys.


More information about the Gnupg-users mailing list