What does the "sub" entry of a key mean?

Bo Berglund bo.berglund at gmail.com
Sat Jan 15 17:13:34 CET 2011

I am building an application for GPG encryption, which ultimately will
be integrated into the Win7X64 Explorer context menu.
I have used the command line command "gpg2 -k" to retrieve a ley list
for the current key ring. Works fine. Now it is time for parsing and I
have a few questions:

The output from the command looks like this (shortened):
C:/Documents and Settings/Bosse/Application Data/gnupg/pubring.gpg
pub   1024D/C50DAFF8 2006-08-19
uid                  Bo Berglund <bo.berglund at gmail.com>
sub   2048g/011AD792 2006-08-19

pub   1024D/41C6E930 2003-04-10
uid                  Richard Jones <richard at commonground.com.au>
uid                  Richard Jones <richard at mechanicalcat.net>
uid                  Richard Jones <richardjones at optushome.com.au>
sub   1024g/40AD97DF 2003-04-10

Now, I understand most of this but I would like to know the
significance of these items:

1) In the pub line the first item is a number + a letter. I assume
that the number is the bit length of the key, but what does the letter
mean? And which are the possible letters?

2) What does the last line of each key mean, which starts with sub?
Notice that there is a different hex code and different letter
following the key length...

3) Some keys have several uid lines, is there a maximum or minimum
number here? It looks like a number of email addresses attached to the
key, is this correct?

4) I only have one public keyring, but I assume that it is possible to
have several? If so will the -k command list these after each other?
The first output line seems to be the actual keyring location.


Bo Berglund
Developer in Sweden

More information about the Gnupg-users mailing list