Keytypes and changing them

Christoph Anton Mitterer cam at mathematica.scientia.net
Tue Nov 8 23:41:43 CET 2005


David Shaw wrote:

>If such a feature existed in GnuPG, yes.
>
>David
>  
>
Uhm,.. I rethought the whole thing,... and I came to the reason that I 
gave up too fast ;-)

Ok,.. you told me that the disadvantage of C-only keys would be that you 
can't response to challenges. Is this the only reason?
As far as I know a challenge/response is used by some users to verify 
the email of an UID before they sign it. But lots of people do not 
validate this, because they think it wouldn make sense at all. E.g. if 
someone uses some freemail address he could lose the address after 
validation because the provider stops his service. So signing the eMail 
as part of an UID does not really secure that the address is under the 
controll of the keyholder, does it?
The only solution (in my opinion) are services like PGP Global Directory 
Key or so,...
But I think it is not so important to secure if the email is under 
controll of the keyowner. The worst thing that could happen is, that an 
encrypted message isn't received by the (private)-key owner, because the 
email is wrong. But this can even happen when the email is correct (e.g. 
if someone controlls part of the network).
What it all comes down to is: In my opinion - and correct me if I'm 
wrong - validating the email once does not make much sense. The only 
good alternative is some service like PGP Global Directory Key.

What are the advantages of using C-only keys?
Uhm,.. inm y opinion the stanard intends using C-only keys, if not they 
would have created only the S-flag, that stands for both, signing and 
certification.
But they created the following flags:

0x01 - This key may be used to certify other keys.
0x02 - This key may be used to sign data.
0x04 - This key may be used to encrypt communications.
0x08 - This key may be used to encrypt storage.
0x10 - The private component of this key may have been split by a secret-sharing mechanism.
0x80 - The private component of this key may be in the possession of more than one person.


Another advantage is perhaps, that a C-only key shows other users that 
the key is perhaps used in a more secure way (because it's not used for 
signing plain data).


=> I think GPG shoud offer an option (like setprefs) to switch the 
key-usage flags of primary and secondary keys.

I spent the last three or four hours browsing through the GPG code, but 
I had to resign because it probably takes to long to become familiar 
with it.

1) Is this feature going to be introduced in upcoming versions, or is 
there some kind of wishlist where I could ask for it :-D ?
2) Or can someone here help me and point me to the right places and 
funtions that I have to use for implementing such a feature?

Best wishes,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051108/96ec96c7/cam.vcf


More information about the Gnupg-users mailing list