Hello List I am looking for some reading material related to gpg subkeys in particular on how they are related to master signing key.
I have an understanding of how public key system works but what eludes me is how subkeys are tied to the master key They are all signed by the master key but it is also possible to take one of the private subkeys and use it on a machine separate from the master-key machine >From a sub key machine, if one exports the public key somehow both master and subkey public keys are exported? I would like to use a signing subkey to sign rpm packages and it seems that rpm cannot verify packages signed with a subkey and rpm mailing list does not respond to my request for more info. Using a similar process to export signing subkey I was able to test signing and verifying email though. I need a much better understanding of how gpg subkeys work to convince myself that it is the rpm system that lacks the support and thus I request the info here. Please point me to books and papers. Any explanation you can give in this email will be appreciated too. If there is a way to understand better by looking at a particular section of the source code, please help me navigate the source code. Sincerely mr. wu _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
