alphasigmax at gmail.com
Fri Nov 11 04:52:50 CET 2005
David Shaw wrote:
> On Thu, Nov 10, 2005 at 09:00:56PM +0100, Christoph Anton Mitterer wrote:
>>btw: You remember my C-only thread (I'll answer you lastest posts
>>soon),... I played around a bit and read some parts of rfc2440.
>>Ok when I split a key using gpgsplit I get about the following:
>>selfsig on uid (Sig type - Positive certification of a User ID and
>>Public Key packet(0x13))
>>selfsig on subkey (Sig type - Subkey Binding Signature(0x18))
>>Ok,.. the 0x18 signature ist the one that binds the sub to the primary.
>>=>so nobody can add his own subkey to my primary because he wouldn't be
>>able to make a subkey binding sig, correct?
>>=>but he is able do take my subkey and remove my 0x18 and add his one
>>(that is where your back sig come into the game, correct?)
>>Is it correct that the primary has not directly a single self sig
>>packet, but rather 0x13s are used therefor? If so,.. what is 0x1F
>>(signature direct on key) used for? I thought this is used for primary
> No, 0x13 (or 0x10, 0x11, 0x12) are used to sign a user ID and primary
> key together. Historically, people call this "signing a key", but
> it's really signing a user ID + key.
> 0x1F signatures are truly signing a key alone.
So is a backsig of type 0x1F then??
Alphax | /"\
Encrypted Email Preferred | \ / ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards
http://tinyurl.com/cc9up | / \
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 546 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051111/f8cd3cd5/signature.pgp
More information about the Gnupg-users