David Shaw wrote: > On Thu, Nov 10, 2005 at 09:00:56PM +0100, Christoph Anton Mitterer wrote: > >snip> > >>btw: You remember my C-only thread (I'll answer you lastest posts >>soon),... I played around a bit and read some parts of rfc2440. >>Ok when I split a key using gpgsplit I get about the following: >>pubkey >>uid >>selfsig on uid (Sig type - Positive certification of a User ID and >>Public Key packet(0x13)) >>subkey >>selfsig on subkey (Sig type - Subkey Binding Signature(0x18)) >> >>Ok,.. the 0x18 signature ist the one that binds the sub to the primary. >>=>so nobody can add his own subkey to my primary because he wouldn't be >>able to make a subkey binding sig, correct? > > > Right. > > >>=>but he is able do take my subkey and remove my 0x18 and add his one >>(that is where your back sig come into the game, correct?) > > > Right. > > >>Is it correct that the primary has not directly a single self sig >>packet, but rather 0x13s are used therefor? If so,.. what is 0x1F >>(signature direct on key) used for? I thought this is used for primary >>selfsigs. > > > No, 0x13 (or 0x10, 0x11, 0x12) are used to sign a user ID and primary > key together. Historically, people call this "signing a key", but > it's really signing a user ID + key. > > 0x1F signatures are truly signing a key alone. > >
So is a backsig of type 0x1F then?? -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
