Add sign key only?

David Shaw dshaw at jabberwocky.com
Sat Dec 11 21:00:49 CET 2010


On Dec 11, 2010, at 11:36 AM, Chris Poole wrote:

> I have been using gpg for a while now, with just one subkey for signing and
> encryption.
> 
> I decided I wanted a separate key for signing, so if I have to give away my
> private key for decrypting documents, they can't use it to impersonate me too.
> 
> Listing my keys was like this:
> 
>    pub  1024D/BAD246F9  created: 2006-03-31  expires: never       usage: SC
>    sub  4096g/E71D7B3E  created: 2006-03-31  expires: never       usage: E
> 
> So I ran `gpg --edit-key BAD246F9`, and `addkey`. I chose DSA (sign only)
> 2048-bit. My keychain looks like this now:
> 
>    pub  1024D/BAD246F9  created: 2006-03-31  expires: never       usage: SC
>    sub  4096g/E71D7B3E  created: 2006-03-31  expires: never       usage: E
>    sub  2048D/7ED39759  created: 2010-12-11  expires: never       usage: S
> 
> It seems like I've done the right thing: I have a key for encryption, and one
> for signing. It seems like my main public key is also allowed for signing too:
> is this right?

Yes it is.  You can make signatures from either your primary or your subkey.  By default, GnuPG will pick the subkey.  You can override this choice using "-u BAD246F9!" Note the ! exclamation mark.

> Also, since I have two subkeys for encryption and signing, both use the same
> passphrase, so I don't see how it'll stop anyone who gets my encryption key
> being able to sign documents as me too.

If you were forced to disclose your encryption key, you could give them just that particular subkey and not give them the signing subkey at all.  What some people (me, among others) do in addition to this, is to remove the primary key and store it offline.  That way even if it's an accidental leak of the key (rather than a compelled one), the primary key is safe.  Since the primary key can be used to revoke the old subkeys and make new ones, this is a very safe way to handle keys.

David
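As an added illustration of the two points above (checking that signing and encryption sit on different subkeys, and forcing a particular key with the trailing "!"), the following shell snippet is not part of the original thread. It assumes a POSIX shell with awk; the colon-format listings are constructed from the key IDs posted in the thread, not captured from a real keyring, and the `sign_with_key` and `export_secret_subkey_only` helpers are hypothetical wrappers around real gpg options.

```shell
#!/bin/sh
# Added example, not from the original thread. Assumes POSIX sh + awk.
# Key IDs and listings are constructed from the thread's posted output.

# Print "type keyid caps" for every pub/sub line of `gpg --with-colons`
# output read on stdin. Field 12 holds the capability letters; lowercase
# letters are this key's own capabilities (s=sign, e=encrypt, c=certify).
key_roles() {
    awk -F: '$1 == "pub" || $1 == "sub" { print $1, $5, $12 }'
}

# Key IDs of subkeys that can sign (lowercase "s" in field 12).
signing_subkeys() {
    awk -F: '$1 == "sub" && $12 ~ /s/ { print $5 }'
}

# Key IDs of subkeys that can encrypt (lowercase "e" in field 12).
encryption_subkeys() {
    awk -F: '$1 == "sub" && $12 ~ /e/ { print $5 }'
}

# Return 0 when signing and encryption live on distinct subkeys, i.e. the
# encryption subkey could be handed over without the signing subkey.
has_split_subkeys() {
    listing=$(cat)
    s=$(printf '%s\n' "$listing" | signing_subkeys)
    e=$(printf '%s\n' "$listing" | encryption_subkeys)
    [ -n "$s" ] && [ -n "$e" ] && [ "$s" != "$e" ]
}

# Constructed listings mirroring the thread (algo 17 = DSA, 16 = Elgamal).
BEFORE='pub:u:1024:17:00000000BAD246F9:1143763200:::u:::scSC::::::23::0:
sub:u:4096:16:00000000E71D7B3E:1143763200::::::e::::::23:'
AFTER="$BEFORE
sub:u:2048:17:000000007ED39759:1292025600::::::s::::::23:"

# Sign with one specific key: the trailing "!" forces that key instead of
# letting gpg choose a subkey, e.g. sign_with_key BAD246F9 report.txt
sign_with_key() { gpg -u "$1!" --detach-sign "$2"; }

# Export only the named secret subkey (the disclosure scenario in the
# thread), e.g. export_secret_subkey_only E71D7B3E > enc-subkey.asc
export_secret_subkey_only() { gpg --armor --export-secret-subkeys "$1!"; }

# Stand-alone run: report the roles found in the constructed "after" listing.
printf '%s\n' "$AFTER" | key_roles
```

To check a real keyring instead of the constructed listing, pipe `gpg --with-colons --list-keys BAD246F9` into `has_split_subkeys`; a zero exit means the split the thread describes is in place.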



