export a public subkey isolated

David Shaw dshaw at jabberwocky.com
Thu Mar 24 20:29:00 CET 2011


On Mar 24, 2011, at 2:16 PM, Tom Mayer wrote:

> Hi List,
>  
> there was no success in googling this question:
>  
> Is it possible to export the public part of a subkey isolated? There should be nothing of the masterkey or other subkeys in the exported keyblock.

I'm afraid this is not possible.  An isolated subkey is not a valid OpenPGP "key".
 
> Situation:
>  
> www.ripe.net database is not supporting signing with subkeys. They only accept a single key in certificate block.
>  
> I have an openpgp card containing my secret subkeys for signing/encryption/authenticating and am only able to export the subkeys with the corresponding masterkey in one block.

You might be able to do byte-surgery on the keyblock to turn your subkey into a primary key (and then get it to sign a user ID since your current user ID wouldn't be signed by the right key).  That would probably cause as many headaches as it solves.

Why not talk to the RIPE people and ask them to support subkeys?  They're a standard part of OpenPGP and have been for a long time.

David




More information about the Gnupg-users mailing list