Offline Master Key

[David Shaw]

On May 2, 2011, at 10:47 AM, patrickbx at lavabit.com wrote:

> Hi,
> 
> I have question on key management and was looking for some feedback.  My
> issue is that I like the idea of having a Master signing key with no
> expiration date and I want to store this key offline without the
> inconvenience of using an offline computer every time i'd like to send a
> signed/encrypted message.
> 
> My idea is to create a master signing key on an offline
> computer(persistent live usb).  Then create two subkeys that have regular
> expiration dates.  One encryption key and one additional "daily-use"
> signing key.  I would post my master key in my signature and use it to
> sign the sub-keys.  When sending mail I would use my daily use key to sign
> my messages.  I would only access and use my master key when it is
> necessary to sign other keys and update my sub keys. Would this create any
> problems for those reading and verifying my emails?

No problems unless your correspondent is using a very old version of PGP that doesn't properly handle subkeys.  I wouldn't worry about that too much in 2011.

>  Would it be necessary
> to link to my key policy in my mail or would it be seamless that my sub
> signing key is valid because it is signed by the master.

It should be seamless.  This is a reasonably common thing to do.  I do it myself, in fact.

There is/was a HOWTO document for this method of handling keys written at one point.  I can't seem to find the link at the moment, but if someone has it handy, please do post it.

David