Info on sub keys?

[David Shaw]

On Sat, Jun 03, 2006 at 11:11:21PM +0200, Felix E. Klee wrote:
> At Sun, 04 Jun 2006 03:02:19 +0930,
> Alphax wrote:

> > > * One can include any number of sub keys into a key, right?  I ask
> > >   because I recall reading that there was/is some problem with key
> > >   servers and sub keys.
> > 
> > PKS keyservers (pre version  0.9.6) had a bug that mangled keys with
> > multiple subkeys.
> 
> Hm, as far as I understand it, public key servers exchange updates among
> each other, in oder to stay synchronized.  Consider the following
> example:
> 
>   I upload a key to server A, from there it goes to server B and
>   finally it arrives at server C: A->B->C.
> 
> Now what would happen if that key contains a signature sub key and
> server B runs a pre 0.9.6 PKS version?  Would the key end up in a
> mangled state on B and C?  Could the mangled key propagate back to A?

B would mangle it and send the mangled version to C.  Offhand, I don't
recall any pre 0.9.6 PKS installations left though.

> > > If there is any good documentation on sub keys, aside from technical
> > > specifications (such as RFC 2440), then please let me know.
> > 
> > Adrian von Bidder wrote an excellent tutorial on subkeys at
> > <http://fortytwo.ch/gpg/subkeys>.
> 
> I recall finding it on the web some time ago, but I didn't read it.  I
> better do that now.
> 
> BTW, there's another little question I forgot to raise in my first
> message:
> 
>   In his FAQ, Tom McCune uses the expression "4096/2048 RSA" to refer to
>   a 2048 bit master key with a 4096 bit encryption sub key.  Is this a
>   general convention?  I.e. does "foo Y/X", in general, refer to an "X"
>   bit master key of type "foo" with an "Y" bit sub key for encryption?

It's not a general convention.  PGP said things like that because when
you made a RSA primary key, it would (by default) also make a RSA
subkey.  Once you start mixing algorithms (RSA primary, Elgamal
subkey, etc), the convention breaks down.

David