openpgp + subkeys

Simon Josefsson simon at
Tue Feb 26 18:17:44 CET 2008

Nikos Mavrogiannopoulos <nmav at> writes:

> I've been working a bit lately on the openpgp support of gnutls. The planned 
> changes are:
> 1. To handle subkeys
> 2. To list/generate keyrings using certtool
> 3. To list openpgp certificates/keys using certtool
> The first is partially completed. However I've come across a limitation of the 
> current protocol for openpgp keys (rfc5081). It seems currently there is no 
> way to indicate to the peer which subkey to use, thus always the primary key 
> has to be used.


> Moreover it states that the key has to be marked for authentication, but it 
> seems there is no way to arbitrarily mark a public key with gpg (or I 
> couldn't find it).

Is this a gnupg problem?  I assume the OpenPGP spec allows it.

I recall GnuPG asked me about authentication/encryption/etc keys when I
used a smart card with GnuPG.  So maybe it is possible.  Ask on the
gnupg list?

> For this reason now on the stable release we always use the primary key and 
> ignore the flags of the public keys. 


> On the development release I plan to implement a subkey negotiation -by 
> sending a keyid at the initial hello messages to indicate the (sub)key that 
> will be used during this handshake. 

This is finished now, right?

> I was also investigating to using the first subkey with authentication flag 
> set, but it seems this approach is not that optimal. Other subkeys might be 
> present and the selection of the first seems arbitrary. Thus I'm most in 
> favour of the first solution.
> What do you think? Any other ideas or comments?

Is there any recommendations from the openpgp spec?  It seems the
question of which subkey to use would come up for every openpgp


More information about the Gnutls-devel mailing list