looking for reading material

zhong ming wu mr.z.m.wu at gmail.com
Sat Aug 4 08:11:49 CEST 2012

Hello List

I am looking for some reading material related to gpg subkeys in
particular on how they are related to master signing key.

I have an understanding of how public key system works but what eludes
me is how subkeys are tied to the master key

They are all signed by the master key but it is also possible to take
one of the private subkeys and use it on a machine separate from the
master-key machine
>From a sub key machine, if one exports the public key somehow both
master and subkey public keys are exported?

I would like to use a signing subkey to sign rpm packages and it seems
that rpm cannot verify packages signed with a subkey and rpm mailing
list does not respond to my request for more info.
Using a similar process to export signing subkey I was able to test
signing and verifying email though.

I need a much better understanding of how gpg subkeys work to convince
myself that it is the rpm system that lacks the support and thus I
request the info here. Please point me to books and papers.  Any
explanation you can give in this email will be appreciated too.  If
there is a way to understand better by looking at a particular section
of the source code, please help me navigate the source code.


mr. wu

More information about the Gnupg-users mailing list