subkey comments?

Hauke Laging mailinglisten at hauke-laging.de
Wed Nov 13 01:52:24 CET 2013


Am Mi 13.11.2013, 00:34:38 schrieb adrelanos:

> > But it has not been determined what exactly
> > that refers to.
> 
> I don't understand what you mean by that sentence.

I mean: It is difficult to say "A UID comment refers to the mainkey" or "A UID 
comment refers to the subkey" (and make sense). A user ID is simply a string 
describing some person or other entity. If the comment is "CEO of Example 
Inc." how should that be related to the mainkey other than to a subkey?

There are other situations: I use (abuse?) an additional user ID to make 
statements about both mainkey and subkeys (by stating that the mainkey is 
offline and how secure the subkeys are).


> > A key comment in a technically more correct sense would be a signature
> > notation.
> 
> Notations and comment part of a user ID are different things?

For several reasons. A notation is a subpacket (i.e. some additional 
information) to a signature (self-signature in this case). The UID comment ist 
just text between round brackets.

Self signatures are used to bind both user IDs and subkeys (and some other 
stuff) to a mainkey.

You can have a comment in the user ID and a notation in the signature. They 
are independent of each other. All four cases are possible.


> I guess I prefer the comment part of a user ID, because that is shown by
> default. (The --list-options show-notations does not seem to be very
> popular.)
> 
> Is it possible to add a comment to the user ID of sub keys?

You (as most people) have not understood how mainkey, user IDs and subkeys are 
related. And it seems that I haven't figured out yet how to explain that well.

Both subkeys and user IDs are related to a mainkey. In this sense user IDs and 
subkeys are on the same level. There is no such thing as a subkey user ID or a 
user ID subkey. User IDs are just "names" for a mainkey. You can add and 
remove user IDs and subkeys. They do not affect the other group.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131113/2978bfa3/attachment.sig>


More information about the Gnupg-users mailing list