Best practice for periodic key change?
Jerome Baum
jerome at jeromebaum.com
Tue May 10 06:01:59 CEST 2011
On Mon, May 9, 2011 at 18:09, Hauke Laging <mailinglisten at hauke-laging.de>wrote:
> IMHO there are only two possibilities for making (a new version of) OpenPGP
> signature law compatible:
>
> a) The CA creates a mainkey and subkeys. The mainkey is destroyed
> immediately
> afterwards. That might be legally acceptable but has not much in common
> with
> PGP any more.
>
> b) It is made possible to prevent the transfer of the validity of a mainkey
> to
> a subkey. Either my disallowing subkeys at all (in the certification) or by
> requiring explicit certifications for subkeys. When certifying a key you
> would
> have to decide whether you make a certification of the old type (for the
> mainkey and then the mainkey is allowed to do everything) or of the new
> one.
> This new type of certification would not be allowed to be backward
> compatible.
> if it was then old software might regard an explicit subkey certification
> as a
> normal one and thus accept subkeys without explicit certification.
c) Program the smart-card so it doesn't sign sub-keys? I'm not familiar with
the internals of smart-card implementations but the OpenPGP sub-key
signatures are of a different type than the data signatures. The smart-card
can probably recognize if it's inadvertently signing a sub-key.
--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110510/803629f8/attachment.htm>
More information about the Gnupg-users
mailing list