controlling the use of subkeys
Robert J. Hansen
rjh at sixdemonbag.org
Sun Dec 24 03:33:50 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Mike Frysinger wrote:
> probably, but that doesnt really matter to me much ... all the intricacies of
> pgp do not interrest me, it's merely a tool to get other things done
When you start doing advanced and sophisticated things with a tool, you
need to invest the time in understanding that tool. This is true for
pretty much any tool, not just GnuPG.
> i have a personal key/uid i use for signing e-mails and such, E837F581. when
> doing gpg signing parties, this is what other people sign. in Gentoo, rather
> than using personal keys, we create a new key to keep personal and developer
> package signing separate.
This is sensible.
This strongly counter-indicates using a new subkey.
After all... when someone sees a signature with your new subkey, they'll
then have to find the master signing key and import that before they can
verify your signature. And since your personal identity is connected
with that master key, you're going to conflate your personal identity
with your Gentoo identity.
Generate a new keypair and use that instead.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users