back signatures

Christoph Anton Mitterer cam at
Sun Nov 6 21:54:01 CET 2005

David Shaw wrote:

>>It's a countermeasure against an attack against signing subkeys.
>>Basically, the primary key signs all subkeys.  With backsigs, the
>>signing subkey also signs the primary key.
>>Without this, an attacker can "steal" a signing subkey from someone
>>else and try and pretend that a signature came from his own key.  It's
>>not a particularly good attack: the attacker can't issue signatures to
>>prove his ownership.
>I should add that this is a new feature for 1.4.3.
Can keys created before 1.4.3 be updated with that stuff?

Best wishes,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051106/eb35a1f1/cam.vcf

More information about the Gnupg-users mailing list