Info on sub keys?

[Alphax]

Felix E. Klee wrote:
> I've a couple of newbee questions concerning sub keys:
> 
> * Aside from convenience, is there any difference between a sub key and
>   an ordinary key signed with the master key?
> 

A subkey cannot issue a certification signature - at least not in any
known implementations.

> * Can such an ordinary key be transformed into a sub key?
> 

Yes, with difficulty. See http://atom.smasher.org/gpg/gpg-migrate.txt
for details.

> * Since when (date and version) does PGP and since when does GnuPG
>   support signing sub keys?  I ask because I read that old versions, at
>   least of PGP, support only encryption sub keys, not signing sub keys.
> 

PGP 8 supports signing subkeys; no other offical version of PGP before
then does. It's possible that 6.5.8ckt and 2.6.3ia supported them as well.

> * Are signing sub keys part of the OpenPGP standard?
> 

Yes. They wouldn't be in GPG if they weren't.

> * One can include any number of sub keys into a key, right?  I ask
>   because I recall reading that there was/is some problem with key
>   servers and sub keys.
> 

PKS keyservers (pre version  0.9.6) had a bug that mangled keys with
multiple subkeys. Fortunately they are mostly SKS and/or newer than this
now. However, most versions of PGP will ignore the key flags on an RSA
subkey, so you may end up getting messages encrypted to your signing
subkeys.

> If there is any good documentation on sub keys, aside from technical
> specifications (such as RFC 2440), then please let me know.
> 

Adrian von Bidder wrote an excellent tutorial on subkeys at
<http://fortytwo.ch/gpg/subkeys>.

-- 
                Alphax
        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 569 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060604/4c6ce178/signature.pgp