On Mon, 31 Aug 2009 19:24, j...@jameshoward.us said: > I am not sure if this is a bug, but given the documentation it is not > the expected behavior. I created new keys this weekend, due to a lost > USB drive. Replicating it here, if you specify --expert and create a > RSA subkey with all the options off, it will create a subkey with all > the options, including certification turned on. Here's a slightly
That is perfectly okay. If you want to set the key flag for certification on a subkey, gpg allows you to do so. The OpenPGP standard does not restrict this. Note that despite a subkey carrying this flag, OpenPGP (and thus gpg) will always use the primary key for certification of user-ids and other subkeys (binding signatures) and for certifying other keys (key signatures). Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
