On 04/03/2017 04:20 AM, Peter Lebbing wrote:
On 02/04/17 21:00, Neal H. Walfield wrote:
In short, the main key acts as a level of indirection, which separates
your identity from your encryption/signing keys.
I'd like to extend this short description a bit :-). There is one
important somewhat-caveat, which is that you can't delegate the Certify
capability to a subkey. This means you always need to use the primary
key to sign other OpenPGP *keys*.
We really need to stop referring to this as signing. The number of ways
that the same term is used to mean different things in PGP is a huge
contributor to the confusion on the part of new users.
Doug
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
