back signatures
Alphax
alphasigmax at gmail.com
Fri Nov 11 04:52:50 CET 2005
David Shaw wrote:
> On Thu, Nov 10, 2005 at 09:00:56PM +0100, Christoph Anton Mitterer wrote:
>
>snip>
>
>>btw: You remember my C-only thread (I'll answer you lastest posts
>>soon),... I played around a bit and read some parts of rfc2440.
>>Ok when I split a key using gpgsplit I get about the following:
>>pubkey
>>uid
>>selfsig on uid (Sig type - Positive certification of a User ID and
>>Public Key packet(0x13))
>>subkey
>>selfsig on subkey (Sig type - Subkey Binding Signature(0x18))
>>
>>Ok,.. the 0x18 signature ist the one that binds the sub to the primary.
>>=>so nobody can add his own subkey to my primary because he wouldn't be
>>able to make a subkey binding sig, correct?
>
>
> Right.
>
>
>>=>but he is able do take my subkey and remove my 0x18 and add his one
>>(that is where your back sig come into the game, correct?)
>
>
> Right.
>
>
>>Is it correct that the primary has not directly a single self sig
>>packet, but rather 0x13s are used therefor? If so,.. what is 0x1F
>>(signature direct on key) used for? I thought this is used for primary
>>selfsigs.
>
>
> No, 0x13 (or 0x10, 0x11, 0x12) are used to sign a user ID and primary
> key together. Historically, people call this "signing a key", but
> it's really signing a user ID + key.
>
> 0x1F signatures are truly signing a key alone.
>
>
So is a backsig of type 0x1F then??
--
Alphax | /"\
Encrypted Email Preferred | \ / ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards
http://tinyurl.com/cc9up | / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 546 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051111/f8cd3cd5/signature.pgp
More information about the Gnupg-users
mailing list