back signatures

David Shaw dshaw at jabberwocky.com
Mon Nov 7 14:41:25 CET 2005


On Mon, Nov 07, 2005 at 11:55:02PM +1030, Alphax wrote:

> >>>It's a countermeasure against an attack against signing subkeys.
> >>>Basically, the primary key signs all subkeys.  With backsigs, the
> >>>signing subkey also signs the primary key.
> >>>
> >>>Without this, an attacker can "steal" a signing subkey from someone
> >>>else and try and pretend that a signature came from his own key.  It's
> >>>not a particularly good attack: the attacker can't issue signatures to
> >>>prove his ownership.
> >>>
> >>
> >>Will this remove the possibility of moving subkeys from one primary key
> >>to another / converting primary keys to subkeys (documented at
> >>http://atom.smasher.org/gpg/gpg-migrate.txt)?
> > 
> > 
> > No, it's unrelated to that.  It's a countermeasure against a (somewhat
> > weak) attack.  It has nothing to do with various bit twiddling you can
> > do to your own key.
> > 
> 
> So how /do/ they work (and how does one go about moving subkeys between
> keys)?

I'm afraid I don't understand what you're asking here.  How backsigs
work?

David
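
Added example, not part of the original message and not GnuPG code: the backsig relationship quoted above (the primary key signs the subkey, and a signing subkey signs the primary key back) shows up in a key's packets as a class 0x19 signature embedded in the class 0x18 binding signature. The function below flags signing-capable subkeys that lack one; the listing layout is assumed to follow `gpg --list-packets`, and the sample listing and key IDs are constructed.

```python
import re

# Constructed listing laid out like `gpg --list-packets` output (assumed
# layout, made-up key IDs): one primary key and three subkeys.
SAMPLE = """\
:public key packet:
    version 4, algo 17, created 1131370000, expires 0
    keyid: AAAAAAAAAAAAAAAA
:public sub key packet:
    keyid: BBBBBBBBBBBBBBBB
:signature packet: algo 17, keyid AAAAAAAAAAAAAAAA
    version 4, created 1131370001, md5len 0, sigclass 0x18
    hashed subpkt 27 len 1 (key flags: 02)
    subpkt 32 len 70 (signature: v4, class 0x19, algo 17, digest algo 2)
:public sub key packet:
    keyid: CCCCCCCCCCCCCCCC
:signature packet: algo 17, keyid AAAAAAAAAAAAAAAA
    version 4, created 1131370002, md5len 0, sigclass 0x18
    hashed subpkt 27 len 1 (key flags: 02)
:public sub key packet:
    keyid: DDDDDDDDDDDDDDDD
:signature packet: algo 17, keyid AAAAAAAAAAAAAAAA
    version 4, created 1131370003, md5len 0, sigclass 0x18
    hashed subpkt 27 len 1 (key flags: 0C)
"""

def subkeys_missing_backsig(listing):
    """Key IDs of signing-capable subkeys whose binding signature (class
    0x18, made by the primary key) embeds no class 0x19 signature made by
    the subkey itself, i.e. subkeys with no back signature."""
    missing, subkey = [], None
    # A packet starts on a line beginning with ':'; detail lines are indented.
    for packet in re.split(r"(?m)^(?=:)", listing):
        if packet.startswith(":public sub key packet:"):
            m = re.search(r"keyid: ([0-9A-F]{16})", packet)
            subkey = m.group(1) if m else None
        elif packet.startswith(":public key packet:"):
            subkey = None
        elif packet.startswith(":signature packet:") and subkey and "sigclass 0x18" in packet:
            flags = re.search(r"key flags: ([0-9A-Fa-f]{2})", packet)
            can_sign = bool(flags) and bool(int(flags.group(1), 16) & 0x02)
            backsig = re.search(r"subpkt 32 len \d+ \(signature: [^)]*class 0x19", packet)
            if can_sign and not backsig:
                missing.append(subkey)
    return missing

if __name__ == "__main__":
    print(subkeys_missing_backsig(SAMPLE))
```

This only reports whether a back signature is present; checking that it is cryptographically valid is left to GnuPG itself.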


