Adding a subkey notation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Jun 29 18:45:34 CEST 2015
On Mon 2015-06-29 11:33:35 -0400, Marko Božiković wrote:
> I've looked for a way to add some sort of comments on subkeys - I'd like to
> have multiple authentication subkeys and easily distinguish among them.
i've done this myself by clearing all the usage flags and using
--cert-notation. But see the gnupg-devel thread from 2013 starting at
Message-Id: 87obeo2vg7.fsf at alice.fifthhorseman.net for some bugs i ran
into. Hopefully they're all fixed by now, but external verification
would be welcome.
> From what I've read, notations seem to be the way to go, but I was unable to
> find a way to set them on already existing subkeys...
you generally don't want to change already-existing subkeys. You can
just create a new subkey and set the notations on it.
> In general, I haven't found a comprihensive documentation on notations
> anywhere. Is there some kind of guide/best practices documentation for them?
https://tools.ietf.org/html/rfc4880#section-5.2.3.16
The IANA registry currently contains no entries:
https://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-6
--dkg
More information about the Gnupg-users
mailing list