back signatures

Alphax alphasigmax at
Fri Nov 11 04:52:50 CET 2005

David Shaw wrote:
> On Thu, Nov 10, 2005 at 09:00:56PM +0100, Christoph Anton Mitterer wrote:
>>btw: You remember my C-only thread (I'll answer you lastest posts 
>>soon),... I played around a bit and read some parts of rfc2440.
>>Ok when I split a key using gpgsplit I get about the following:
>>selfsig on uid (Sig type - Positive certification of a User ID and 
>>Public Key packet(0x13))
>>selfsig on subkey (Sig type - Subkey Binding Signature(0x18))
>>Ok,.. the 0x18 signature ist the one that binds the sub to the primary.
>>=>so nobody can add his own subkey to my primary because he wouldn't be 
>>able to make a subkey binding sig, correct?
> Right.
>>=>but he is able do take my subkey and remove my 0x18 and add his one 
>>(that is where your back sig come into the game, correct?)
> Right.
>>Is it correct that the primary has not directly a single self sig 
>>packet, but rather 0x13s are used therefor? If so,.. what is 0x1F 
>>(signature direct on key) used for? I thought this is used for primary 
> No, 0x13 (or 0x10, 0x11, 0x12) are used to sign a user ID and primary
> key together.  Historically, people call this "signing a key", but
> it's really signing a user ID + key.
> 0x1F signatures are truly signing a key alone.

So is a backsig of type 0x1F then??

Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards    |   / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 546 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051111/f8cd3cd5/signature.pgp

More information about the Gnupg-users mailing list