Key Flags

Loren M. Lang lorenl at
Mon Jul 28 21:36:07 CEST 2008

I am trying to understand the differences between the key flags sign and 
certify.  As I understand it all self-signatures are a type of 
certification so the primary key needs certify, but not sign.  A subkey 
can have sign and not certify.  Also, when signing someone elses user id 
or user attribute the signing key must have certify.  The sign flag is 
used for signing things not part of the web of trust such as emails, 
software, etc.
Loren M. Lang
lorenl at

Public Key:
Fingerprint: 10A0 7AE2 DAF5 4780 888A  3FA4 DCEE BB39 7654 DE5B

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080728/4ed085a6/attachment.pgp>

More information about the Gnupg-users mailing list