On Tue, Nov 29, 2005 at 04:08:06AM +0100, Christoph Anton Mitterer wrote: > If you look at professional CAs (e.g. DFN-PCA) they clearly state in > their Policies that e.g. they'll NEVER use their root keys for signing > data but only for signing keys (DFN does this with its root-PGP-keys for > example). > I think the advantage is,... that other users can at least think that > the key is more likely not used in daily-bussines (with potentially > insecure applications,.. Thunderbird,.. etc.) but only when the owner > signs a key. > But of course this is only a personal opinion ;-) > However: > => It is defenitely sure that with a C-only primary key (and a S-subkey > - of course WITH backsigs) I would NOT loose any security or > cryptography strength, at all, right? The only problem is that issue > with challenge-response, right?
This is not a cryptographic question. The key is same either way. This is just a flag that says "I intend this key to be used for xxxxxx". And - this is the important bit - the user can *reissue the flags as desired*. I can make my key claim to be anything I like, and then change it 5 seconds later. Anyone who bases any decisions on what flags the key has is fooling themselves. > btw: Wouldn't it just work to answer the challenge by signing with the > signing subkey? If someone would trust my primary key he should also > trust my secondary (because it is bound to the primary by the 0x18-sig), > or am I wrong? No. A certification signature is made over the primary key and the user ID. A signing subkey is not involved in this, and is thus not really able to answer the challenge. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
