Problem with keys
Leo Treasure
leotreasure at gmail.com
Thu Jan 17 03:40:12 CET 2013
Thanks dkg. I created the key under normal circumstances using version:
gpg (GnuPG/MacGPG2) 2.0.19
libgcrypt 1.5.0
When setting up the keypair I did not provide an email address.
Could it be that I am using the Mac version that I got this unusual
keypair setup?
Regards,
Leo
On 17/01/13 3:54 AM, Daniel Kahn Gillmor wrote:
> On 01/16/2013 01:42 AM, Leo Treasure wrote:
>> Thanks Hauke! I needed to use the main key to interface with a Bitcoin
>> exchange mpex.co. I first exported my ascii armoured public key and sent
>> it. For subsequent orders the exchange operator needs me to sign with
>> the same main key.
>
> I note that your key 0x46EEEA4C06CD1637 is a bit unusual in that its
> subkey is marked as signing-capable. with the default gpg --gen-key
> creation, the primary key is usually marked as capable for signing and
> certification, and the subkey is marked as just encryption-capable.
>
> how did you create this key?
>
> Despite it being unusual, it's entirely reasonable and within the
> OpenPGP spec to have a signing-capable subkey.
>
> You should tell mpex.co that their system needs to support
> signing-capable subkeys.
>
> Feel free to point them to this discussion, and to encourage them to ask
> here if they're unclear about what that means or how they might do so.
>
>> I'm not sure if this is a normal use or not. Do you mean that the main
>> key is offline so it is the private key?
>
> no, your primary key is not offline unless you've taken steps to put it
> offline (you would know if you had done so). Hauke was making a
> suggestion of something else you could do.
>
> --dkg
>
>
More information about the Gnupg-users
mailing list