On Jun 5, 2009, at 12:27 PM, Kārlis Repsons wrote:
On Friday 05 June 2009 15:23:10 Werner Koch wrote:
On Fri, 5 Jun 2009 16:59, j...@jameshoward.us said:
On Fri Jun 5 10:52:48 2009, David Shaw <ds...@jabberwocky.com>
wrote:
--allow-secret-key-import is a no-op. It is no longer used for
anything.
Really? I could not import last week without it.
Sure:
Ok, but I am still in problem, because, after I did
thekey == mail address
Machine 1: gpg --export-secret-keys (thekey) > myfile.gpg
Machine 2: gpg --import myfile.gpg
it says
gpg: Total number processed: 1
gpg: imported: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1
However, I had there 3 subkeys today! And after doing import, they
all appear
through gpg, but no way to use any with kmail!
I also tried thekey == key ID, but it gave equal outputs for all the
IDs...
What is wrong?
Nothing is wrong. When you export a key, all of the subkeys go along
with it.
Actually, I would appreciate, if someone explains me the concept of
master and
subkeys in gpg -
1) the exclusive/overlapping functions of them
Traditionally, the master key is used for signing and a subkey is used
for encryption. In practice, you can actually have many subkeys, each
with whatever purpose you like.
2) does fingerprint change, if subkey is added (or, does that refer
to the
master key only)?
No, the fingerprint does not change. The key fingerprint is that of
the master key.
(Subkeys actually have fingerprints too, but you don't usually see
them since referring to the master key brings all of the subkeys along
automatically).
3) how about the revocation certificates, that are generated for
master key,
if signing subkey is added afterwards?
Key revocation certificates are always generated for and by a master
key.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
