On Fri, 22 Oct 2004, Rob Browning wrote: > If I added a new sign/encrypt sub-key to my Debian key, would I be > able to use that to sign and upload packages? Would the Debian
Yes, mostly. Some stuff (db.d.o and vote.d.o come to mind, but I am not sure about that) require you to always sign using the master key. gpg lets you do that, so it is not a problem. The archive tools don't care and will use subkeys happly, as they should (either that, or debsign is being quite ingenuous and telling gpg to always use the master key :-) thus I never noticed any problems). > keyserver and the Debian upload infrastructure be able to handle it? Yes, without any problems. > If not, would I at least be able to add the sub-key for non-Debian > uses without causing trouble with the Debian infrastructure? The subkeys cause no problems in Debian. But make sure to never let the master key expire, and to upload a new subkey to keyring.d.o a few _months_ before all of your subkeys expire... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
