[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Key Signing, Subkeys
From: David Shaw <dshaw () jabberwocky ! com>
Date: 2007-09-01 13:16:30
Message-ID: 20070901131630.GA22208 () jabberwocky ! com
[Download RAW message or body]
On Sat, Sep 01, 2007 at 12:39:54PM +0200, g_k@gmx.at wrote:
> Hi!
>
> I'm new to GnuPG and have 2 questions regarding key signing I didn't find
> answers for in the documentation:
>
> 1) Somebody signs my public key, and this "new version" containing
> that additional signature is uploaded to a keyserver. (Am I right so
> far?) How do others that already had my public key before that
> signature get the new version? How do they know there is a new one?
Most people poll for updates occasionally (e.g. "gpg --refresh").
There is no notification method.
> 2) When I have a master key, and a subkey for everyday usage, I
> don't lose all the signatures on the master key if the subkey is
> revoked or expires, since the new subkey will be signed by the
> master key.
True.
> This implies using only the master key for signing.
Not necessarily true. You can use a subkey for signing if you like.
In this usage, the master key is only used for signing other keys
(whether your own subkeys or other peoples keys).
> Now, if someone signs my master key, how will this be reflected on
> the subkey? Do I have to generate a new subkey every time someone
> signs my master key in order that the new signature affects the
> subkey?
No. The trust calculations are between master keys and user IDs
(people don't sign a master key - they sign a master key and user ID).
Subkeys just go along for the ride.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic