back signatures

David Shaw dshaw at jabberwocky.com
Sat Nov 5 14:30:43 CET 2005


On Sat, Nov 05, 2005 at 04:39:40PM +1030, Alphax wrote:
> David Shaw wrote:
> > On Fri, Nov 04, 2005 at 10:15:16PM +0300, Pawel Shajdo wrote:
> > 
> >>Salve!
> >>Can somebody explain to me what "back signatures" are?
> >>The manual is not very clear about this.
> > 
> > 
> > It's a countermeasure against an attack against signing subkeys.
> > Basically, the primary key signs all subkeys.  With backsigs, the
> > signing subkey also signs the primary key.
> > 
> > Without this, an attacker can "steal" a signing subkey from someone
> > else and try and pretend that a signature came from his own key.  It's
> > not a particularly good attack: the attacker can't issue signatures to
> > prove his ownership.
> > 
> 
> Will this remove the possibility of moving subkeys from one primary key
> to another / converting primary keys to subkeys (documented at
> http://atom.smasher.org/gpg/gpg-migrate.txt)?

No, it's unrelated to that.  It's a countermeasure against a (somewhat
weak) attack.  It has nothing to do with various bit twiddling you can
do to your own key.

David
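
The check described in this thread, as an added example that is not part of the original message and is not GnuPG code: it inspects a subkey binding signature and reports whether a signing-capable subkey carries an embedded back signature. It assumes the RFC 4880 v4 signature packet layout (signature types 0x18 and 0x19, subpackets 27 and 32); the function names and the sample bytes are constructed for illustration, and it checks structure only, not the cryptographic validity of either signature.

```python
SIG_SUBKEY_BINDING = 0x18   # primary key signs the subkey
SIG_PRIMARY_BINDING = 0x19  # signing subkey signs the primary key (backsig)
SUBPKT_KEY_FLAGS, SUBPKT_EMBEDDED_SIG, FLAG_SIGN_DATA = 27, 32, 0x02

def be(b):
    return int.from_bytes(b, "big")

def subpackets(area):
    """Yield (type, data) for each subpacket in a v4 subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255:
            length, i = ((first - 192) << 8) + be(area[i + 1:i + 2]) + 192, i + 2
        else:
            length, i = be(area[i + 1:i + 5]), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("truncated subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]  # mask the critical bit
        i += length

def split_areas(body):
    """Return (sig_type, hashed_area, unhashed_area) of a v4 signature body."""
    hlen = be(body[4:6])
    ulen = be(body[6 + hlen:8 + hlen])
    if len(body) < 8 + hlen + ulen or body[0] != 4:
        raise ValueError("not a complete v4 signature body")
    return body[1], body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen]

def backsig_status(binding_body):
    """Classify a subkey binding signature: 'not-signing', 'ok' or 'missing'."""
    sig_type, hashed, unhashed = split_areas(binding_body)
    if sig_type != SIG_SUBKEY_BINDING:
        raise ValueError("not a subkey binding signature")
    flags = [d for t, d in subpackets(hashed) if t == SUBPKT_KEY_FLAGS]
    if not (flags and flags[0] and flags[0][0] & FLAG_SIGN_DATA):
        return "not-signing"  # encryption-only subkeys need no backsig
    for t, d in list(subpackets(hashed)) + list(subpackets(unhashed)):
        if t == SUBPKT_EMBEDDED_SIG and split_areas(d)[0] == SIG_PRIMARY_BINDING:
            return "ok"
    return "missing"

# Constructed sample bodies: structure only, signature MPIs omitted.
WITH_BACKSIG = bytes.fromhex("04180108 0003 021b02 000c 0b20 04190108000000000000 0000")
NO_BACKSIG = bytes.fromhex("04180108 0003 021b02 0000 0000")
ENCRYPT_ONLY = bytes.fromhex("04180108 0003 021b0c 0000 0000")
```

A verifier would still have to check the embedded 0x19 signature against the subkey before treating the binding as valid.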


