Clarification on purpose of subordinate keys
Werner Koch
wk at gnupg.org
Thu Mar 31 10:47:14 CEST 2005
On Wed, 30 Mar 2005 13:53:47 +0200, Dirk Traulsen said:
> This sounds interesting. Please help me to clarify it a bit.
> After some tests and reading in my understanding it works like this:
[1...7]
Correct.
> When system2 would be cracked, an attacker would not have access to
> the secret part of my main key (really?).
Correct. The secret key is not on system2. This is indicated by a
hash mark like:
sec#  1024D/5B0358A2 1999-03-15 [expires: 2009-07-11]
uid                  Werner Koch <wk at gnupg.org>
uid                  Werner Koch <wk at g10code.com>
ssb   1024D/010A57ED 2004-03-21
ssb   2048R/B604F148 2004-03-21
(A similar thing applies to smartcards: there a '>' indicates that the
secret key is actually stored on a smartcard.)
> But for me it would still be possible to go to system1 and
> a. change my passphrase
> b. revoke the compromised subkeys
> c. add new subkeys and start the cycle again
> without losing all the signatures on my uid in the primary key, which
> would have been the case if I had to revoke the complete key.
Correct.
> The only negative point is, that I have to go to system1 to maintain
> my key.
> Is this correct?
Yes.
Salam-Shalom,
Werner
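The markers Werner describes (`sec#` for a primary key whose secret part is not in the local keyring, `sec>`/`ssb>` for material held on a smartcard, bare `sec`/`ssb` for a secret key present on the host) are easy to check for in a script. The following is an added example, not code from the mailing-list post or from GnuPG itself. It classifies a `gpg --list-secret-keys` listing read on stdin and refuses to proceed on a host that still holds the full primary secret key. The `make_primary_offline` helper shows the classic export-subkeys / delete / re-import sequence that produces the `sec#` stub; it is included for illustration, is interactive (`--delete-secret-keys` prompts for confirmation), and is not exercised by the constructed sample listings, which are made up for this example and only mimic the shape of the listing in the post.

```shell
#!/bin/sh
# Added example (not from the post).  Parses the human-readable secret key
# listing of gpg and classifies the primary key by the marker after "sec":
#   sec#  -> secret primary key is a stub (kept offline, as on system2)
#   sec>  -> secret primary key lives on a smartcard
#   sec   -> full secret primary key is in this keyring

# Print one of: offline, smartcard, present, none.
# Usage: gpg --list-secret-keys KEYID | classify_primary
classify_primary() {
    awk '
        $1 == "sec#" { print "offline";   found = 1; exit }
        $1 == "sec>" { print "smartcard"; found = 1; exit }
        $1 == "sec"  { print "present";   found = 1; exit }
        END          { if (!found) print "none" }
    '
}

# Count subkeys whose secret part is in the local keyring (bare "ssb",
# i.e. neither a stub "ssb#" nor an on-card "ssb>").
count_local_subkeys() {
    awk '$1 == "ssb" { n++ } END { print n + 0 }'
}

# Guard for scripts that must only run on a host without the primary key.
# Returns 0 if the primary is offline or on a card, 1 if it is present,
# 2 if no secret key was listed at all.
assert_primary_offline() {
    case $(classify_primary) in
        offline|smartcard) return 0 ;;
        present) echo "primary secret key is present on this host" >&2; return 1 ;;
        *)       echo "no secret key found in listing" >&2; return 2 ;;
    esac
}

# Classic procedure (assumption: standard GnuPG options, not from the post)
# to turn a full secret key into subkeys plus a primary stub.  Run it on
# the machine that should become "system2"; keep the full key on system1.
make_primary_offline() {
    keyid=$1
    gpg --export-secret-subkeys "$keyid" > "subkeys-$keyid.gpg" || return 1
    gpg --delete-secret-keys "$keyid" || return 1   # prompts; removes primary + subkeys
    gpg --import "subkeys-$keyid.gpg" || return 1   # restores subkeys, primary becomes sec#
    rm -f "subkeys-$keyid.gpg"
    gpg --list-secret-keys "$keyid" | assert_primary_offline
}

# Constructed sample listings (not real keys) in the shape shown in the post.
SAMPLE_OFFLINE='sec#  1024D/0123ABCD 1999-03-15 [expires: 2009-07-11]
uid                  Example User <user@example.org>
ssb   1024D/4567EF01 2004-03-21
ssb   2048R/89AB2345 2004-03-21'

SAMPLE_PRESENT='sec   1024D/0123ABCD 1999-03-15 [expires: 2009-07-11]
uid                  Example User <user@example.org>
ssb   1024D/4567EF01 2004-03-21'

SAMPLE_CARD='sec>  2048R/CDEF6789 2010-01-01
ssb>  2048R/01234ABC 2010-01-01'
```

Field 1 of the listing is stable across GnuPG 1.4 and 2.x, which is why the script keys on it; for anything more elaborate, `--with-colons` gives a machine-readable listing that is safer to parse than the human-readable form.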