Leaving comments with subkeys?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Dec 14 11:39:18 CET 2011


On 12/12/2011 02:05 PM, gnupg at lists.grepular.com wrote:
> If I have more than one signing subkey in my keypair, is there a way of
> advertising the purpose of each subkey with the public key that people
> download? Eg:
> 
> This subkey is for signing email only
> This subkey is for signing sourcecode only
> 
> I've considered generating an entirely separate keypair and then
> cross-signing them, but that seems inelegant.

My first thought was to look up the list of standardized "key usage
flags", which are defined here:

  https://tools.ietf.org/html/rfc4880#section-5.2.3.21

But there is no "this key may be used to sign code" usage flag, which it
sounds like you'd really want, and 0x02 ("This key may be used to sign
data") is generic enough to cover both your cases (it only excludes
making other OpenPGP certifications, which is covered by 0x01).

Given that allocating new bits for the key flags field is an unwieldy
and awkward process, I don't think this is the way to go.

Instead, you could add a notation to the subkey signatures.

  https://tools.ietf.org/html/rfc4880#section-5.2.3.16

Concisely and precisely defining (what exactly counts as "source code"?
what if an e-mail contains a tarball with source code?  what if an html
e-mail contains javascript? etc...) the notation you want to use and
getting it embedded in some tools is going to be a bit of work, but not
necessarily an insurmountable task.

You might want to discuss it with the (very low-traffic at the moment)
working group:

  IETF OpenPGP Working Group <ietf-openpgp at imc.org>

Let me also ask the sort-of-nagging questions: what is your endgame
here?  do you want a subkey whose signatures over anything *but*
sourcecode will be rejected for certain purposes?  What about a tarball
of source code?  a gzipped tarball?  an lzma-compressed tarball? a blog
post containing a 20-line shell script?  Do you want a subkey whose
signatures over anything *but* e-mail will be rejected?  (e.g. if I copy
and paste your e-mail into a text file, and then --verify it, should it
fail?)  Will you be happy with people deciding to accept the key's
signatures over *any* source code you distribute, or are you concerned
about a particular project?

Your answers to these questions should help you think through the best
way to proceed to get what you want.

hth,

	--dkg
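The notation approach dkg suggests, as an added example that is not part of the original message and is not GnuPG's or dkg's own code: the script below builds two stand-in subkey binding signatures (signature type 0x18) that carry the same generic key flag 0x02 ("sign data") and differ only in a notation data subpacket, then parses them back the way a verifying tool would. The notation name `purpose@example.org` is hypothetical (user-space notation names must have the `name@domain` form per RFC 4880 section 5.2.3.16); the subkey packets are dummies rather than real keys, and the signatures are not verified. Only the hashed subpacket area is read, because unhashed subpackets are not covered by the signature and anyone could add a "purpose" there.

```python
"""Build and inspect OpenPGP subkey binding signatures (type 0x18): key flags
(RFC 4880 5.2.3.21) and notation data (5.2.3.16) from the hashed subpackets.
Packets here are hand-built stand-ins, not real keys; nothing is verified."""
import struct

TAG_SIGNATURE, TAG_PUBLIC_SUBKEY = 2, 14
SIGTYPE_SUBKEY_BINDING = 0x18
SUBPKT_CREATION_TIME, SUBPKT_NOTATION, SUBPKT_KEY_FLAGS = 2, 20, 27
NOTATION_HUMAN_READABLE = 0x80000000
# Key flag bits from RFC 4880 5.2.3.21; note there is no "sign code" bit.
KEY_FLAG_NAMES = {0x01: "certify", 0x02: "sign", 0x04: "encrypt-comms",
                  0x08: "encrypt-storage", 0x10: "split", 0x20: "auth", 0x80: "group"}
# Hypothetical, not standardised: user-space notation names are name@domain.
PURPOSE_NOTATION = "purpose@example.org"


def _length(n):
    """Encode n as an OpenPGP new-format length (packets and subpackets alike)."""
    if n < 192:
        return bytes([n])
    if n < 8384:
        return bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return b"\xff" + struct.pack(">I", n)


def _read_length(buf, i, subpacket=False):
    """Decode a length at buf[i]; returns (length, index of first body octet)."""
    first = buf[i]
    if first < 192:
        return first, i + 1
    if first == 255:
        return struct.unpack(">I", buf[i + 1:i + 5])[0], i + 5
    if first < 224 or subpacket:  # for packets, 224..254 are partial body lengths
        return ((first - 192) << 8) + buf[i + 1] + 192, i + 2
    raise ValueError("partial body lengths are not handled here")


def _packet(tag, body):
    return bytes([0xC0 | tag]) + _length(len(body)) + body


def _subpacket(sptype, body):
    return _length(len(body) + 1) + bytes([sptype]) + body


def notation_subpacket(name, value):
    """Notation data subpacket: 4 flag octets, name length, value length, name, value."""
    name_b, value_b = name.encode(), value.encode()
    head = struct.pack(">IHH", NOTATION_HUMAN_READABLE, len(name_b), len(value_b))
    return _subpacket(SUBPKT_NOTATION, head + name_b + value_b)


def fake_public_subkey(created):
    """Dummy tag-14 packet (v4, creation time, RSA, two tiny MPIs); not a usable key."""
    body = bytes([4]) + struct.pack(">I", created) + bytes([1]) + b"\x00\x10\xab\xcd\x00\x02\x03"
    return _packet(TAG_PUBLIC_SUBKEY, body)


def fake_subkey_binding_sig(key_flags, notations, unhashed_notations=(), created=0x4EE8C5B6):
    """Dummy 0x18 signature with a real subpacket layout but a bogus hash prefix and MPI."""
    hashed = _subpacket(SUBPKT_CREATION_TIME, struct.pack(">I", created))
    hashed += _subpacket(SUBPKT_KEY_FLAGS, bytes([key_flags]))
    hashed += b"".join(notation_subpacket(n, v) for n, v in notations)
    unhashed = b"".join(notation_subpacket(n, v) for n, v in unhashed_notations)
    body = bytes([4, SIGTYPE_SUBKEY_BINDING, 1, 8])  # version, sig type, RSA, SHA-256
    body += struct.pack(">H", len(hashed)) + hashed
    body += struct.pack(">H", len(unhashed)) + unhashed
    body += b"\x00\x00" + b"\x00\x10\xab\xcd"  # left 16 hash bits, dummy signature MPI
    return _packet(TAG_SIGNATURE, body)


def iter_packets(data):
    """Yield (tag, body) for each packet in a binary OpenPGP stream."""
    i = 0
    while i < len(data):
        ctb = data[i]
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:  # new-format header
            tag = ctb & 0x3F
            n, i = _read_length(data, i + 1)
        else:  # old-format header: length-type in the low two bits
            tag, lt = (ctb >> 2) & 0x0F, ctb & 3
            if lt == 3:
                raise ValueError("indeterminate length not handled here")
            n = int.from_bytes(data[i + 1:i + 1 + (1 << lt)], "big")
            i += 1 + (1 << lt)
        yield tag, data[i:i + n]
        i += n


def signature_info(body):
    """(sig_type, key_flags, notations) from the HASHED subpackets of a v4 signature.
    Unhashed subpackets are deliberately ignored: they are not signed."""
    if body[0] != 4:
        raise ValueError("only v4 signatures are handled")
    sig_type = body[1]
    hashed_len = struct.unpack(">H", body[4:6])[0]
    hashed = body[6:6 + hashed_len]
    key_flags, notations, i = None, {}, 0
    while i < len(hashed):
        n, i = _read_length(hashed, i, subpacket=True)
        sptype, sp = hashed[i] & 0x7F, hashed[i + 1:i + n]  # high bit marks "critical"
        i += n
        if sptype == SUBPKT_KEY_FLAGS:
            key_flags = sp[0] if sp else 0
        elif sptype == SUBPKT_NOTATION:
            flags, nlen, vlen = struct.unpack(">IHH", sp[:8])
            value = sp[8 + nlen:8 + nlen + vlen]
            notations[sp[8:8 + nlen].decode()] = value.decode() if flags & NOTATION_HUMAN_READABLE else value
    return sig_type, key_flags, notations


def subkey_purposes(keyring):
    """Pair each 0x18 binding signature with the subkey packet it follows."""
    result, idx = [], -1
    for tag, body in iter_packets(keyring):
        if tag == TAG_PUBLIC_SUBKEY:
            idx += 1
        elif tag == TAG_SIGNATURE and idx >= 0:
            sig_type, kf, notes = signature_info(body)
            if sig_type == SIGTYPE_SUBKEY_BINDING:
                result.append({"subkey": idx,
                               "flags": [nm for bit, nm in KEY_FLAG_NAMES.items() if kf and kf & bit],
                               "purpose": notes.get(PURPOSE_NOTATION)})
    return result


# Constructed sample: two signing subkeys, identical key flags, distinguished only by the notation.
SAMPLE_KEYRING = (fake_public_subkey(0x4EE8C5B6)
                  + fake_subkey_binding_sig(0x02, [(PURPOSE_NOTATION, "email")])
                  + fake_public_subkey(0x4EE8C5B7)
                  + fake_subkey_binding_sig(0x02, [(PURPOSE_NOTATION, "source-code")]))

if __name__ == "__main__":
    for entry in subkey_purposes(SAMPLE_KEYRING):
        print(entry)
```

With real keys, GnuPG can place such a notation on a subkey's binding signature with `--cert-notation name=value` (the `--sig-notation` option is for data signatures instead) and will display it with `--list-options show-notations`; what remains is exactly the work dkg describes, getting verifying tools to agree on the name and to reject signatures whose subkey carries the wrong purpose.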
