Is self-signing necessary? Basic questions.

Hauke Laging mailinglisten at hauke-laging.de
Sun Jan 2 05:09:48 CET 2011


Am Sonntag 02 Januar 2011 04:30:53 schrieb takethebus at gmx.de:

> Are the key IDs newly calculated every time GnuPG runs or are they members
>  of the public key like the user IDs, too?

The key IDs are a small part of the key (SHA-1) hash value. Thus they are part 
of the public key but I don't know whether explicitly or just implicitly.


> Is the public master signing key ONLY used for signing and the public
>  subordinate key ONLY used for enryption?

There are four key capabilities:
C: certification
S: signing
E: encryption (and decryption)
A: authentication

The main key is the only one which is used for key certifications (both for 
its own subkeys and for other main keys) because only the main key is 
identified by key certifications. The main key does not need any other 
capability. Not to use the main key for anything other than certifications 
allows you to keep that key offline (see --export-secret-subkeys). It is not 
necessary but makes sense to deny the main key all other capabilities if 
intended for offline use only.

You can create subkeys with one or several capabilities (except for 
certification). In theory you could have a main key for certification and 
encryption and a subkey for signing. Subkeys can be created with a limited 
validity time. An offline main key can easily be valid for a long time (or 
even forever).


> Is the fingerprint of my public key ONLY the fingerprint of my public
>  master signing key?

Yes. The fingerprint refers to the key material itself and thus does not 
change when UIDs or subkeys change. Everything else (UIDs, subkeys, key 
configuration) is checked indirectly by checking the validity of the main 
key's signature for this data.


> When signing another key, what I do is to ONLY sign the other person's
>  public master signing key with my own private master signing key. I don't
>  sign a certain user ID or something. Is that right? (see the next two
>  points)

You verify only the main key itself by the fingerprint but you always sign the 
key together with a UID. gpg --list-sigs shows this to you: The root entry is 
pub, the uids are the next level ("connected" to pub) and the signatures refer 
to UIDs.


> A self-singed public key, is a public key, who's following components are
>  singed by the private master signing key, belonging to the same key pair:
>  public subordinate keys (sub),
> User IDs,

A key must have at least one UID (at least with gpg) but need not have any 
subkey.


> Because the public key is self-signed, it is OK, to only sign the public
>  master key when signing a key. It is OK, because this key signed the user
>  IDs. But if that's so, don't I sign ALL user IDs (if there are several) of
>  that public key by signing the public master singing key?

You have to explicitly sign UIDs. AFAIK it is not possible to sign the raw key 
alone.


> Does GnuPG demand, that a public key must be self-signed, otherwise it's
>  "no key" at all?

Not demand but it seems to not make sense, see --allow-non-selfsigned-uid:
"Allow the import and use of keys with user IDs which are not self-signed. 
This is not recommended, as a non self-signed user ID is trivial to forge."

But I do not understand the practical problem: What sense could it make for an 
attacker to modify UIDs if the user of the public key verifies the 
fingerprint?


> Are keys checked automatically by GnuPG to be self-signed?

I don't know but you can try. :-)


> Can signatures be removed from a key again?

Yes, that is easily possible:
1) --edit-key
2) if needed: uid ...
3) delsig


> What about removing self-signatures, changing suboridinate encryption keys
>  and user IDs? Is that possible/easy?

You get warned if you try to remove selfsigs. UIDs and subkeys can be changed 
by commands like addkey delkey, see the man page for --edit-key.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110102/118c2f37/attachment-0001.pgp>


More information about the Gnupg-users mailing list