How to add information about purpose/security of sub keys?

Thu Nov 14 02:29:33 CET 2013

On Nov 13, 2013, at 6:08 PM, adrelanos <adrelanos at riseup.net> wrote:

> Hi!
> 
> I would like to partition my key like this:
> 
> - long term identity key (air gapped, master key) [a]
> -- short term e-mail encryption key (less secured sub key, only on mail
> machine) [b]
> -- short term e-mail signing key (less secured sub key, only on mail
> machine) [c]
> -- short term images/repository key (less secured sub key, only on
> software build machine) [d]
> -- long term encryption key (air gapped, sub key) [f]
> 
> In other words, I would use:
> 
> - [b] and [c] for convenience, communication which isn't that important
> - [c] to sign software / apt repository
> - [a] to sign important messages (key transition etc.)
> - [f] little convenience, for receiving important messages
> 
> What is the best way to make key [b] the default, so anyone writing an
> encrypted mail will use key [b] and not key [f] unless a conscious
> decision was made?

There isn't a standard way to do this - the encrypting client is free to pick either b or f, as it desires, when encrypting to your key.   That said, many (most?) clients will pick the most recent key, so if you generate b after f, you should get what you want, at least most of the time.

> What is the best way to communicate...?
> - if you want to send a mail, in most cases, use key [b],
> - unless it is really important, then use key [f]
> - most of my mails will be encrypted with key [c], unless it's
> important, then I use key [a]
> - software I sign will be signed with key [d], do not use software
> signed with key [c]
> 
> It would be best if this information was presented by default, such as
> when importing my key or at least when running --fingerprint. What is
> the best way to communicate that, sub packets (notations), UUID comments
> or something else?

The standard way to express how you intend to use your key is via a notation or a policy URL pointing to some document where you set out your desires.  It does not display when importing your key, but is present if anyone cares to look for it.  Do note that few people read these documents unless they have a specific reason to (you're in control of what you generate - you can't place requirements on how people process it).

> Are sub packets (notations) signed by the master key [a]?

Notations are a signature subpacket (i.e. live on a signature themselves), so if the signature was issued by the master key, then yes, they're signed by the master key.  If you're making a notation on a self-signature (like the one binding your user ID or a subkey), then this would of course be issued by the master key.

> Are UID comment signed by the master key [a]?

Yes.  All parts of the UID string are signed by the master key.

David