I think we should easily be able to create subkeys on our day-to-day machine, while maintaining an air-gapped master, without transferring secret material back and forth. This seems possible [1][2] using gpgsplit and possibly some hand editing of hex files. By operating an offline master setup, we are agreeing to more complexity and knowledge about openpgp details, but I think the leap from basic to offline master is a lot smaller than from offline master to "merging" subkeys.
So, is there technical reason as to why this isn't straightforward? Is it a "patches welcome =)" type of thing? Or maybe you want to argue that I'm wasting my time trying to avoid writing secret data to a cd/sdcard/etc to bridge my airgap. The workflow that makes sense to me is for addkey to work even when "Secret parts of primary key are not available" (possibly with --expert flag), resulting an a file such as <mykey>-bind-request.asc. On the master, --import <mykey>-bind-request.asc should do the trick, but a dedicated command would be fine to. After this, an --export > <mykey>.pub should be able to communicate the binding back to the active machine; however a <mykey>-bind-ack.asc might be nice so the ultra-paranoid can inspect as little data as possible. This is for discussion. I'm not complaining that this hasn't been implemented or that someone needs to get to work! [1] http://atom.smasher.org/gpg/gpg-migrate.txt [2] https://lists.gnupg.org/pipermail/gnupg-users/2010-August/039307.html -Matt _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
