back signatures

David Shaw dshaw at
Fri Nov 4 20:24:09 CET 2005

On Fri, Nov 04, 2005 at 10:15:16PM +0300, Pawel Shajdo wrote:
> Salve!
> Can somebody explain me what is "back signatures"?
> Manual not very clear about this.

It's a countermeasure against an attack against signing subkeys.
Basically, the primary key signs all subkeys.  With backsigs, the
signing subkey also signs the primary key.

Without this, an attacker can "steal" a signing subkey from someone
else and try and pretend that a signature came from his own key.  It's
not a particularly good attack: the attacker can't issue signatures to
prove his ownership.


More information about the Gnupg-users mailing list