Clarification on purpose of subordinate keys

Dirk Traulsen dirk.traulsen at lypso.de
Wed Mar 30 13:53:47 CEST 2005


On 29 Mar 2005 at 11:15, Werner Koch wrote:

> On Mon, 28 Mar 2005 09:27:27 -0500, John Harrold said:
> 
> > given the time frame it probably happened when I was trying to unexpire the
> > key F65A739E. Can you elaborate on the reasons for using a separate key for
> > signing messages?
> 
> It is mostly useful if you keep your primary key offline
> (cf. --export-secret-subkeys).  In the case of a key compromise, you
> would only need to revoke the existing subkeys and create new subkeys.
> This saves you all the key signatures (Web Of Trust) as they are
> signing the primary key only.
> 
This sounds interesting. Please help me to clarify it a bit.
After some tests and reading, in my understanding it works like this:
1. add signing subkey to KEY
2. --export-secret-subkey KEY (without specifying the subkey)
      => key.sec.asc
3. --export KEY   => key.asc
4. nothing changes on system1
5. import the exported (crippled) secret key on system2
    --import key.sec.asc
6. import the signatures: --import key.asc
7. Result: 
On system2 I can use gpg normally and sign with the signing subkey, 
but the main key is deleted/crippled/deactivated(?) and not usable 
for signing. As I'm not able to sign with the main key, it is for 
example impossible to add a new uid, a new subkey or to revoke. 

If system2 were cracked, an attacker would not have access to 
the secret part of my main key (really?).

But for me it would still be possible to go to system1 and
a.  change my passphrase
b.  revoke the compromised subkeys
c.  add new subkeys and start the cycle again 
without losing all the signatures on my uid in the primary key, which 
would have been the case if I had to revoke the complete key.

The only negative point is that I have to go to system1 to maintain 
my key.

Is this correct?

Dirk
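
An added example, not part of the original message and not GnuPG's own code: a Python check that walks the secret-key packets of an export like key.sec.asc and reports whether the primary key carries real secret material or only GnuPG's "gnu-dummy" stub (S2K type 101, "GNU", mode 1). It assumes binary input (for instance the output of `gpg --dearmor`) and v4 RSA, Elgamal or DSA keys; the sample bytes and the names `audit`, `secret_state` and `SAMPLE` are constructed for illustration.

```python
# Scope: v4 RSA/Elgamal/DSA keys; ECC keys and partial body lengths are not handled.
PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}   # public MPI count per algorithm (RFC 4880)
SECRET_TAGS = {5: "primary", 7: "subkey"}        # Secret-Key / Secret-Subkey packet tags

def packets(data):
    """Yield (tag, body) for each packet in binary OpenPGP data."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if hdr & 0x40:                           # new-format header
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                n = first
            elif first < 224:
                n, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                n, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                                    # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            n, i = int.from_bytes(data[i:i + (1 << ltype)], "big"), i + (1 << ltype)
        yield tag, data[i:i + n]
        i += n

def secret_state(body):
    """Return 'stub', 'protected' or 'cleartext' for a v4 secret-key packet body."""
    if body[0] != 4 or body[5] not in PUBLIC_MPIS:
        raise ValueError("unsupported key version or algorithm")
    pos = 6                                      # skip version, creation time, algorithm
    for _ in range(PUBLIC_MPIS[body[5]]):        # skip the public MPIs
        pos += 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8
    usage, s2k = body[pos], body[pos + 1:pos + 8]
    if usage == 0:
        return "cleartext"
    # GnuPG extension: S2K type 101, hash octet, "GNU", mode 1 = no secret material
    if usage in (254, 255) and s2k[1:2] == b"\x65" and s2k[3:7] == b"GNU\x01":
        return "stub"
    return "protected"

def audit(data):
    """List (role, state) for every secret-key packet found in the export."""
    return [(SECRET_TAGS[t], secret_state(b)) for t, b in packets(data) if t in SECRET_TAGS]

# Constructed sample: toy RSA public part, stubbed primary, passphrase-protected subkey.
PUB = bytes.fromhex("04424a9b3b01" "0008c5" "000511")
SAMPLE = (bytes.fromhex("9414") + PUB + bytes.fromhex("ff006500474e5501")
          + bytes.fromhex("9c2d") + PUB + bytes.fromhex("fe090302") + bytes(29))
```

`audit(SAMPLE)` returns `[("primary", "stub"), ("subkey", "protected")]`; a result of `("primary", "protected")` or `("primary", "cleartext")` on the file destined for system2 would mean the primary secret key was exported along with the subkeys.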