disconnected binding of sub and master keys

NIIBE Yutaka gniibe at fsij.org
Thu Feb 26 01:43:39 CET 2015

On 02/26/2015 03:22 AM, Matthew Monaco wrote:
> I think we should easily be able to create subkeys on our day-to-day machine,

I'd understand your point.  IIUC, you don't want to export "secret"
from an air-gapped machine by any chance.

The practice of having air-gapped master key is because of risk of
attacks.  In that practice, it is considered OK, having subkey on your
day-to-day machine.  But, your proposal goes further: creating subkey
on a day-to-day machine.  It worries me, a bit.

There would be some cases (or troubles) that an air-gapped machine
wouldn't have enough entropy (like using LiveCD or embedded).  But,
this particular issue should be fixed on that specific environment.
Other than this point, it is highly recommended, in general, to create
a key (master or subkey) on an air-gapped environment (if that's your

More information about the Gnupg-users mailing list