RFE: Unsignable keys

David Shaw dshaw at jabberwocky.com
Mon Jan 3 00:51:04 CET 2005

On Sun, Jan 02, 2005 at 10:57:40AM +0100, Gregor Zattler wrote:
> Hi David,
> * David Shaw <dshaw at jabberwocky.com> [01. Jan. 2005]:
> > On Sat, Jan 01, 2005 at 01:42:57PM +0000, Neil Williams wrote:
> > > Request for Enhancement / Comments: GnuPG.
> > > 
> > > Would it be possible to create an --expert option to generate a key that 
> > > CANNOT be signed (under any circumstances) unless BOTH secret keys are 
> > > available? (signer has to have secret key anyway, these special keys would 
> > > also need the signee secret key in the same keyring).
> [...]
> > What you suggest is not impossible, but has a number of caveats when
> > done as part of OpenPGP.  The signature math of OpenPGP does not cover
> > this sort of case, so such a flag would need to be somewhat advisory.
> But then it is possible to add such signature with some knowledge
> and a hex editor or an older implementation?

No, the flags are protected by a signature.  Think of something like
the "designated revoker" data.  It is part of a self-signature on the
key itself.  It is advisory in the sense that no part of the math
requires an implementation to honor it.  Honoring it is part of the
protocol instead.

> But isn't this an example where shared secrets are useful?  Is there
> any hope of shared secrets being part of OpenPGP in the future?

Maybe.  The new RFC is very unlikely to specify different signature
math, but who knows what the future will bring?


More information about the Gnupg-users mailing list