On 01/16/2013 01:42 AM, Leo Treasure wrote: > Thanks Hauke! I needed to use the main key to interface with a Bitcoin > exchange mpex.co. I first exported my ascii armoured public key and sent > it. For subsequent orders the exchange operator needs me to sign with > the same main key.
I note that your key 0x46EEEA4C06CD1637 is a bit unusual in that its
subkey is marked as signing-capable. with the default gpg --gen-key
creation, the primary key is usually marked as capable for signing and
certification, and the subkey is marked as just encryption-capable.
how did you create this key?
Despite it being unusual, it's entirely reasonable and within the
OpenPGP spec to have a signing-capable subkey.
You should tell mpex.co that their system needs to support
signing-capable subkeys.
Feel free to point them to this discussion, and to encourage them to ask
here if they're unclear about what that means or how they might do so.
> I'm not sure if this is a normal use or not. Do you mean that the main
> key is offline so it is the private key?
no, your primary key is not offline unless you've taken steps to put it
offline (you would know if you had done so). Hauke was making a
suggestion of something else you could do.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
