There are actually two public keys?
dshaw at jabberwocky.com
Tue May 19 01:58:08 CEST 2009
On May 18, 2009, at 5:49 PM, James P. Howard, II wrote:
> On Mon May 18 08:45:38 2009, R.A. Hettinga <rah at shipwright.com> wrote:
>> The reason for it is a notion of what's called "key hygiene," and
>> that's an important concept in RSA usage. That is the notion that one
>> should never sign with an encryption key, and never encrypt with a
>> signing key.
> This leads indirectly to another question: Why can't I sign someone
> else's key with a subkey?
Signing with a subkey has a slightly different meaning than signing
with a primary key. When you sign a key, you're actually signing a
combination of the primary key and user ID that you chose to sign. If
you signed with a subkey, you'd lose the nice symmetry of signing with
the thing that your friend is also signing on your key. Rather, you'd
be signing with something one "hop" away from that primary key, as the
subkeys are signed by the primary.
Perhaps a more immediate answer is that nobody ever implemented it.
OpenPGP itself doesn't care (OpenPGP actually doesn't specify all that
much about trust models and the web of trust). Historically, the web
of trust was built from signatures between primaries, and that's
what everyone implements today. At one point there was talk of
publishing a standard for the web of trust, but there didn't seem to
be much interest in it.
> And on a divergent note, using the black
> magic described elsewhere, is it bad to convert a subkey into a
> primary key and use it to sign others?
To do this, you have to have the key in primary key form in the
(local) web of trust. If you don't, then the signatures won't be used.
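The statement above that a key signature is really made over the primary key together with a user ID, and that a subkey is merely bound to the primary by another signature, can be made concrete with the byte layout RFC 4880 section 5.2.4 prescribes. The following Python is an added example, not code from the original post or from GnuPG: it builds the exact hash input for a certification (signature type 0x10, primary key plus user ID) and for a subkey binding signature (type 0x18, primary key plus subkey), together with the v4 fingerprint from section 12.2. The key packet bodies, user ID and timestamps are constructed placeholders with toy-sized RSA numbers, not a real key.

```python
"""Added example: the bytes an OpenPGP v4 key signature actually covers.

Built from RFC 4880 section 5.2.4 (hash input for key signatures) and
section 12.2 (v4 fingerprints). The key packet bodies and user ID below
are constructed placeholders with toy RSA parameters, not a real key.
"""
import hashlib
import struct

# Signature types, RFC 4880 section 5.2.1.
SIG_GENERIC_CERT = 0x10     # certification of a User ID on a primary key
SIG_SUBKEY_BINDING = 0x18   # primary key binding a subkey to itself

PUBKEY_RSA = 1              # public-key algorithm ID, section 9.1
HASH_SHA256 = 8             # hash algorithm ID, section 9.4


def mpi(value: int) -> bytes:
    """Multiprecision integer: two-octet bit length, then big-endian octets."""
    body = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return struct.pack(">H", value.bit_length()) + body


def v4_rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 public-key or public-subkey packet, section 5.5.2."""
    return (b"\x04" + struct.pack(">I", created) + bytes([PUBKEY_RSA])
            + mpi(n) + mpi(e))


def key_hash_material(pubkey_body: bytes) -> bytes:
    """0x99 || two-octet length || key packet body (primary and subkey alike)."""
    return b"\x99" + struct.pack(">H", len(pubkey_body)) + pubkey_body


def userid_hash_material(user_id: bytes) -> bytes:
    """0xB4 || four-octet length || User ID, as hashed by a v4 certification."""
    return b"\xb4" + struct.pack(">I", len(user_id)) + user_id


def creation_time_subpacket(timestamp: int) -> bytes:
    """Signature Creation Time subpacket (type 2): length, type, four-octet time."""
    return bytes([5, 2]) + struct.pack(">I", timestamp)


def signature_trailer(sig_type: int, hashed_subpackets: bytes) -> bytes:
    """Hashed fields of the v4 signature packet, then the 0x04 0xFF trailer
    and the four-octet length of those hashed fields."""
    hashed = (bytes([4, sig_type, PUBKEY_RSA, HASH_SHA256])
              + struct.pack(">H", len(hashed_subpackets))
              + hashed_subpackets)
    return hashed + b"\x04\xff" + struct.pack(">I", len(hashed))


def certification_hash_input(primary_body, user_id, hashed_subpackets=b""):
    """What a third party signs when certifying a key: primary key + User ID."""
    return (key_hash_material(primary_body)
            + userid_hash_material(user_id)
            + signature_trailer(SIG_GENERIC_CERT, hashed_subpackets))


def subkey_binding_hash_input(primary_body, subkey_body, hashed_subpackets=b""):
    """What the primary key signs to bind a subkey: primary key + subkey."""
    return (key_hash_material(primary_body)
            + key_hash_material(subkey_body)
            + signature_trailer(SIG_SUBKEY_BINDING, hashed_subpackets))


def v4_fingerprint(pubkey_body: bytes) -> str:
    """Section 12.2: SHA-1 over the same 0x99-prefixed key material."""
    return hashlib.sha1(key_hash_material(pubkey_body)).hexdigest().upper()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed placeholders (toy RSA moduli, not usable keys).
PRIMARY = v4_rsa_public_key_body(1242601088, n=0xC0FFEE_0000_0001, e=65537)
SUBKEY = v4_rsa_public_key_body(1242601200, n=0xDEADBEEF_0000_0001, e=65537)
USER_ID = b"Example User <user at example.invalid>"
SUBPACKETS = creation_time_subpacket(1242601300)

if __name__ == "__main__":
    print("primary fingerprint:", v4_fingerprint(PRIMARY))
    print("subkey fingerprint: ", v4_fingerprint(SUBKEY))
    print("certification digest:",
          sha256_hex(certification_hash_input(PRIMARY, USER_ID, SUBPACKETS)))
    print("binding digest:      ",
          sha256_hex(subkey_binding_hash_input(PRIMARY, SUBKEY, SUBPACKETS)))
    # Changing only the User ID changes the certification input: a
    # certification is a statement about one (primary key, User ID) pair.
    other = certification_hash_input(PRIMARY, b"Other <o at example.invalid>")
    print("different UID differs:",
          certification_hash_input(PRIMARY, USER_ID) != other)
```

Both hash inputs begin with the same 0x99-prefixed primary key material that the v4 fingerprint is computed over; only the second component differs, a user ID for a certification and the subkey's own 0x99 block for the binding signature. The subkey never appears in a certification's hash input at all, which is the "one hop away" relationship the reply describes.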
More information about the Gnupg-users