On 07/03/17 09:40, Bill Dangerous wrote:
> I would like today to correct my mistake without losing my key, so I
> need to transform this master key into a subkey.

With GnuPG 2.1, I think this is easily doable. Which version of GnuPG are you using? With the older branches, this is quite difficult.

I do however wonder why you want to do this in the first place. Your primary key should not have the Encrypt ability in the first place, and signature keys are easily exchanged without affecting old signatures. Is this about the certifications you already have on your old key? You could publish a key transition statement and ask people to re-certify. It's not as nice as just having the old certifications work, but that might not be desirable for other reasons.

I doubt you would benefit from earlier certifications if you started issuing signatures with your new subkey that was formerly a primary. I think behaviour might be unreliable. How does the recipient GnuPG know whether it was issued by your old primary, in its capacity of the old primary, or by your new subkey? There is nothing in a signature that indicates this[1]. The GnuPG installation of one person might decide it is a signature by the old primary, and award validity to it based on certifications on the old key. A different GnuPG installation might decide it was the subkey of the new certificate that issued the signature, and use the validity of the new certificate. People having both keys might see either behaviour, and might see a new behaviour when they change something about their public keyring.

Oh, and before you benefit from keeping your primary offline, you'd have to revoke the old key. Any GnuPG installation that concludes the signature is by the old primary will immediately flag the signature as BAD because it was issued after the key was revoked. This makes it even worse.

In fact, this realization tells me another thing: you can't benefit both from earlier certifications and from having an offline master key, it is either-or.

> Indeed, my old master key which is now a
> subkey, has all the flags (SCEA), and I don't know how to change that. I
> would like to limit flags to SE.

Both look wrong to me. Why do you want to have the Encrypt capability on that key, do you have that on your old primary? It is considered bad practice to use the same key material for both encryption and signatures, since it opens the door to some sneaky stuff that is easily avoided by not using the same key for both. I'm not saying it is readily exploitable and I'm not saying it is not.

> I would like first to be sure that this process of migrating a master
> key to subkey is reliable? Am I not breaking something, that I am going
> to regret?

It sounds like a pretty bad idea to me. I expect recipients to see breaking signatures, and a primary key with the E capability should be retired anyway. Don't throw the key away! You'll still need it to decrypt things that were previously encrypted to it. But don't use it anymore.

> Is there a way (even if hacking gpg code is needed), to change those
> subkey flags?

Yes. Let's deal with the rest first.

HTH,

Peter.

[1] There is "Signer's User ID" which could theoretically be used to differentiate. But this is not widely used, and I doubt it would work in practice. The purpose is to differentiate between different user IDs on one certificate, not to differentiate between certificates.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
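The capability flags discussed in this thread (the lower-case s/c/e/a letters that GnuPG shows in field 12 of `gpg --with-colons --list-keys` output, with upper-case letters on a pub: record giving the usable capabilities of the whole certificate) can be audited from a keyring listing without touching the keys themselves. The following is an added example, not code from Peter or from the GnuPG project; the key listing is a constructed sample with placeholder key IDs and fingerprints that models three certificates: a new primary whose subkey is a migrated old primary carrying scea, a cleanly laid-out certificate, and an old primary that itself has the Encrypt flag. It flags exactly the patterns called out above: Encrypt on a primary, Sign and Encrypt on the same key material, and a Certify flag on a subkey.

```python
"""Audit OpenPGP key capability flags from `gpg --with-colons --list-keys` output.

Field 12 of a pub:/sub: record holds the capabilities (per GnuPG's DETAILS doc):
  lower-case letters  = capabilities of that individual key (e, s, c, a)
  upper-case letters  = (pub: only) usable capabilities of the whole certificate
"""

CAP_FIELD = 11  # zero-based index of colon-separated field 12

# Constructed sample listing (not from a real keyring; key IDs are placeholders).
#  - 0000000000000001: new primary (sc); subkey 0000000000000002 is the migrated
#    old primary and still carries all four flags, as in the thread.
#  - 0000000000000003: recommended layout, primary sc, separate e and a subkeys.
#  - 0000000000000006: the old primary as originally published, with Encrypt.
SAMPLE_LISTING = """\
tru::1:1700000000:0:3:1:5
pub:u:4096:1:0000000000000001:1488000000:::u:::scSCEA::::::23::0:
fpr:::::::::1111111111111111111111111111111111111111:
uid:u::::1488000000::ABCDEF::Example User <user@example.invalid>::::::::::0:
sub:u:4096:1:0000000000000002:1488000000::::::scea::::::23:
fpr:::::::::2222222222222222222222222222222222222222:
pub:u:255:22:0000000000000003:1500000000:::u:::scSCEA::::::23::0:
fpr:::::::::3333333333333333333333333333333333333333:
uid:u::::1500000000::FEDCBA::Careful User <careful@example.invalid>::::::::::0:
sub:u:255:18:0000000000000004:1500000000::::::e::::::23:
fpr:::::::::4444444444444444444444444444444444444444:
sub:u:255:22:0000000000000005:1500000000::::::a::::::23:
fpr:::::::::5555555555555555555555555555555555555555:
pub:u:2048:1:0000000000000006:1400000000:::u:::sceaSCEA::::::23::0:
fpr:::::::::6666666666666666666666666666666666666666:
uid:u::::1400000000::012345::Old Key <user@example.invalid>::::::::::0:
"""


def parse_keys(listing):
    """Yield (record_type, keyid, own_caps) for every pub:/sub: record."""
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub"):
            continue
        caps = fields[CAP_FIELD] if len(fields) > CAP_FIELD else ""
        # Only the lower-case letters describe this particular key's own flags.
        own = {c for c in caps if c.islower()}
        yield fields[0], fields[4], own


def audit_capabilities(listing):
    """Return a list of (keyid, finding) for keys whose flag layout is risky."""
    findings = []
    for rtype, keyid, caps in parse_keys(listing):
        if rtype == "pub" and "e" in caps:
            findings.append((keyid, "primary key has Encrypt capability"))
        if "s" in caps and "e" in caps:
            findings.append((keyid, "same key material used for Sign and Encrypt"))
        if rtype == "sub" and "c" in caps:
            findings.append((keyid, "subkey carries Certify flag"))
    return findings


if __name__ == "__main__":
    # On a real system, pipe in: gpg --with-colons --list-keys
    for keyid, finding in audit_capabilities(SAMPLE_LISTING):
        print(f"{keyid}: {finding}")
```

Running the audit on the sample reports two findings for the migrated subkey 0000000000000002 and two for the old primary 0000000000000006, and nothing for the cleanly laid-out certificate. The fpr:, uid: and tru: records are skipped on purpose; only the pub:/sub: capability field matters for this check.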
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users