On Sat, Sep 01, 2007 at 12:39:54PM +0200, [EMAIL PROTECTED] wrote: > Hi! > > I'm new to GnuPG and have 2 questions regarding key signing I didn't find > answers for in the documentation: > > 1) Somebody signs my public key, and this "new version" containing > that additional signature is uploaded to a keyserver. (Am I right so > far?) How do others that already had my public key before that > signature get the new version? How do they know there is a new one?
Most people poll for updates occasionally (e.g. "gpg --refresh"). There is no notification method. > 2) When I have a master key, and a subkey for everyday usage, I > don't lose all the signatures on the master key if the subkey is > revoked or expires, since the new subkey will be signed by the > master key. True. > This implies using only the master key for signing. Not necessarily true. You can use a subkey for signing if you like. In this usage, the master key is only used for signing other keys (whether your own subkeys or other peoples keys). > Now, if someone signs my master key, how will this be reflected on > the subkey? Do I have to generate a new subkey every time someone > signs my master key in order that the new signature affects the > subkey? No. The trust calculations are between master keys and user IDs (people don't sign a master key - they sign a master key and user ID). Subkeys just go along for the ride. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
