Migrating keys (fwd)
David Shaw
dshaw at jabberwocky.com
Thu Nov 27 15:56:45 CET 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, Nov 27, 2003 at 12:34:36PM -0800, Atom 'Smasher' wrote:
> but, if i sign your key, and you add a sub-key, that carries my
> signature, just the same as your original key that i signed... my
> understanding of PGP/GPG is that it's easy to "go back in time" and
> add a sub-key, so it would appear that the sub-key was also signed.
No. If you sign my key, you sign my primary key plus a user ID.
**I** sign my subkeys. You do not sign them.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.5-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iHEEARECADEFAj/GZQ0qGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJcWsAn1BqViuUgm9yNnISdYnwu1jQZCg4AJ9E
TNfwOGH7X4HvV+OSTD75odpPRg==
=j1p9
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list