Clarification on purpose of subordinate keys

John Harrold jmh17 at pitt.edu
Mon Mar 28 16:27:27 CEST 2005


Sometime in March Charly Avital assaulted the keyboard and produced:

| John,
| 
| here's the information  I get on your key:
| pub  1024D/F65A739E  created: 2002-10-02  expires: never       usage: CS
|                       trust: unknown       validity: unknown
| sub  1024R/C7658196  created: 2003-10-02  expires: never       usage: E
| sub  1024g/C6C536C3  created: 2002-10-02  expired: 2003-10-02  usage: E
| sub  1024D/B23241CB  created: 2003-10-01  expires: never       usage: SA
| 
| [ unknown] (1). "John M. Harrold" <jmh at member.fsf.org>
| [ unknown] (2)  John Mark Harrold <jmh17 at pitt.edu>
| [ unknown] (3)  [jpeg image of size 5337]
| 
| On 2003-10-01 you generated an additional subkey B23241CB (usage: SA = 
| Sign Authenticate). This is the subkey that is being used for signing, 
| instead of the primary key F65A739E. In order to authenticate your 
| signature, the recipient of your signed messages must have this 
| additional subkey in your key's keyblock, in his/her pubring.

Ok, that makes sense. I honestly don't remember making the SA key, but
given the time frame it probably happened when I was trying to unexpire the
key F65A739E. Can you elaborate on the reasons for using a separate key for
signing messages?

-- 
---------------------------------------------------------- 
                            | /"\                         
 john harrold               | \ / ASCII ribbon campaign   
 jmh at member.fsf.org      |  X  against HTML mail       
 the most useful idiot      | / \                         
----------------------------------------------------------
 What difference does it make to the dead, the orphans, 
 and the homeless, whether the mad destruction is brought 
 under the name of totalitarianism or the holy name of 
 liberty and democracy?
 --Gandhi
----------------------------------------------------------
  gpg --keyserver pgp.mit.edu --recv-key B23241CB
----------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20050328/282d4fb1/attachment.pgp


More information about the Gnupg-users mailing list