Signing statement with master key?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Aug 9 01:53:06 CEST 2016
On Mon 2016-08-08 18:29:02 -0400, Cannon wrote:
> This is a hypothetical scenario.
> Lets say if I have a keypair.
> The master key is set to SC (signing and certification) which are the
> default settings. The master key pair is only used on airgap with safe
> data transfer between airgap and network connected computer.
> Is it safe and possible to use the master key (not subkeys) to sign a
> statement?
yes, it is certainly possible. I'm not sure what you mean "is it safe"
-- safe against what?
It's certainly no less safe than the common/default mode of operation,
where the primary key is not airgapped, and there is no separate
signing-capable subkey. This is a sensible and well-supported use case.
--dkg
More information about the Gnupg-users
mailing list