Certification Subkey
Tom Ritter
tom at ritter.vg
Sat Jan 9 23:54:45 CET 2016
On 4 January 2016 at 10:03, Werner Koch <wk at gnupg.org> wrote:
> On Sun, 3 Jan 2016 17:25, tom at ritter.vg said:
>> I'm curious about creating a subkey capable of certifying other PGP
>> keys. I don't think this is disallowed by the spec (although I'm not
>> certain about that).
>
> It is not explicitly stated about self-signatures on user ids but it is
> stated for key binding signatures. Thus you might be right that it is
> not disallowed. However, allowing this would very likely violate our
> security model and thus sensible implementations will only self- or
> key-binding signatures done using the primary key. The only exception I
> see are Embedded Signature sub-packets (5.2.3.26)
So I did it... =) It seems to work. I've attached the keys if anyone
wants to examine/test them. It contains:
- The Signing Key (Primary key and Subkey both with Sign/Certify capability)
- Test Key, signed by the Signing Key's subkey
- Test Key Two, signed by the Signing Key's subkey, then the signature
was revoked
-tom
-------------- next part --------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFaRf78BEACTpudw1k3rt6/z/SGJNDNh8sXSC2s46MBtA33O6fd9F5Dz98Ys
PHWlds+ixFRuAidozGJkYqU2wXvmnGIPHT5UM0/L5ARKbgbX77ca+Oxt1ClpQbXY
H+XedX+uw9mSgD3+BX68Vylp7tIIjNmWgB+k72He6F0Vw2h/NOYd5TyV+aiAIZnc
LTwESExBUXDMbViVl1fJglfTmOTzOgCPjCOUrqHiLAeQ/POy2YyvMsJKZkWzf11p
PbBidKl5u3YSc2ooTlUEFGrO42R0/IVhjetbAWwqhqNyOVlO9pg3kzz4B42nins2
jcPk1+pG1SCpMEw+3WMrIaVmD/cKMv6hfLj3O5uOdOVgfx9wfp/+f9lu4kEcf3yB
rWV0eRuCbpuyf6v+d5+oAF4vxPDmdFFiL8Bw2pKj+fq6BAsrtluLFM00T6V7Cuj7
lwpThRIuQ/8iGuSqYGn8zDQKZS4v/5IS8k8RCvK22Y7w/DwXRrlIl/nVwnasAcLK
WAlCJPvvB/RZI6tvNQhIIFE9R8Gzl1jjM1AilmkEfxxpkmHBGhtslOgWq5KLr68b
dRsBipqYaG0+5jUp8STS28h1hbIb7fIJ2EajCIGhc9mcwIvivU/v19tcd678fjpF
qon65yVd7P49P3hUl4aDvr3JSaTWCcUu7no5BDXZRQDCxzJqOmHbTXnkkwARAQAB
tBBUZXN0IFNpZ25pbmcgS2V5iQI4BBMBAgAiBQJWkX+/AhsDBgsJCAcDAgYVCAIJ
CgsEFgIDAQIeAQIXgAAKCRAjVwBFdpcNSns4D/4i/Dpa8AnefSvxzeyqLkJBVreg
gB8BHp1WknehBEi0fAxDfKxOkgt7uqzDSIy8QFX8bYFUqfKLdZu0veuCjOoZwRDh
v8BNVan3XkTBlQp/HeuwlpFbbj8+gkOzC/aQdvL6bdYAWbvNsH0kxgCO+c5Bn0rC
Y6y3nSd0Np9tXuBJaeCLQCO9sJIkTH5/DB58Vw349ib5JbxAWVa5Bit5GpOr29sh
lR9VOBSkh2/I/uXyT6s4EJbyuVfuIEuex3MY66Ls6rea0bnWZDUIA4c+pq/SbZUc
iM/yYx7Sdop1MG09vKQRUNlRwCt5tWfhHvBIDvXJgxvoyw1aOs5Xxxr5FXcT4WQs
3iJNh5zHxmlxjHtjYUxTj438s+QX+/O+iK0bw5e0oql69kCqIT6be4BpWf7aqwhL
HAm27KDxcjTQBZQdzTFo9+pGcujjZg+Q8jxsYqZbR9ZnI6++3y7TVt9/OucD6EmM
c+ixiRSzdrhY+QXCgncuJD+RGUhURDNfCdLXFOKFPdiglWzv8PUIYuQofyqV9Eea
fH7Jwe7+JUONU6g/EScMXpsoFnvYdSeoxlBesUznwegHkAq9S9cWOSyfgwARH5Bf
JUf8egfrNTJM4TpUfVNCyB03WAP54ulSW74fbRkoVq2sWhSkS5ZS1YCl6Qc77H5y
MtcB7mXxkDhRxl74ULkCDQRWkYnAARAAskbvbwfYnIk+1M8N4oyAjU4W6x2sLheQ
I/7ZH1tJMwnFD3Dxq7qMRmiILZ9HoJ6sY7VIUuyX2U08vojs3uy3hNabZdqdeg25
R6Hk6yOR0L3urSq6YWZ00qpdxhVfc8XGiT2LphgKxm8/mOXiabMyMm98d8kGDCv+
bTwAPF3v5GRzN2bs5prrjMoufH/lqQaFvgNRM+WnqaoXPSlcQSUdvkfdxIPTSoV0
9M/OwfmMkZMSGhKkYooNnfx7UfqPTuQP3expGLl9XbtM1udPxJl6WnO3hvlERMC6
SRWwsHBqnYQGF2CrgAMvSqRbeLXiPH+mrIpGDq6+CaGnFU6yR2XT2uvkqhEXkGxW
zFzLcVf6gu4rVE4H1KYG6CTLXKWtp+2X5a8j3V/iUpMSgozqpztoiQcMsaxoK/l7
gvKFMRyHrNDYrRNmk/7TO4F7GWPpNY0OOjqYjDyQE9E7RIDILcxqwdc6RyPRqiZe
oFVXEeJHd9V6QiCJmQUj49PQ68Y6G09SnPdeZ2OnKLwPiEcVuRztJAZ0K6/4gpud
zbtYxHMAs4FVkmiwRwr776nu2s85jwkoxP306TylWRv5Xa/e2ZNvZkxVgm9oJrTX
bn/B6zM2Epkus348I/nCc61cZJH37byQzoj4GfmdVyvFX93+WHyoo7ph8aipr/TW
oX85YFhhHucAEQEAAYkEPgQYAQIACQUCVpGJwAIbAwIpCRAjVwBFdpcNSsFdIAQZ
AQIABgUCVpGJwAAKCRB1uAUjWwI13xnIEACPkaRoitPbJZ+D6lGi7f9MwzhTbpCP
rKejARmWd7tyscZVFi9k5uId5crc+5+yK/oYVX4hQ2I8vAKdx1aXVloqhryBqtDC
iJihPE9b7cTdQfYv87LXM2N1/0mRI8xyrFlDwq4IlxASsFd16u45Kb0FODmXIqLE
UQ+QNIBWsHBPoOgHdyfRVIV52yJUBo4NhwQHZB45CYJ30tCQzK0AGYZp1T/fbt51
NHVhD+q7ngfHICBGASDlVG0yZxDkBUIxQ/dO/hA7Js1awLdWQo43+DOk6+st2jyw
dBb1DAmxOlNUpXeoyLKgfJDbUgT5wvLJe4ldyENzCQpq4+T91FoULsXrXTeVSFIP
4K1RDtvh1uFDz8R10poukVw9xX1MRKHmfq8mLzFBpeQSXfcdxrtCmp+emgtxdSmA
/QZ3FBsEKZhDu4hgAjyady8xjWO21jyVZb7RRHTKPkTv56dBdIH0Y68+1FZrSyG9
PCEL3FT9vIYNLCCQ/dTxGznzN7zf2nYeoayZ3SJr0Wkg49+NbOHm/iSRFI6LJnzF
ghHoAMBZ2djR3IH992htViUpxUaKGnNlbVe894xhG8qGUnvI8JC4j7kXN+RgtgP1
CADbPcIvUK9sxOxONSzNkoOBLG2PjGNF0XANMZfdOFgjv1CA9lSMdpkJIo8kAPqx
pkSvLVXS+HdUygOuD/9mNBh9ifbUgdpirxv6wb1oYl51M56ErWcPi+Fcg5BdZkG7
4sIy/9QDnCAtRiRaqUv2w9EvZImQAOin16HCt9mGFClqjmgrYKXIeoFPZ0T0u2QX
APKEFpStFeM4rWjAuOAF8SHdy/jGzB6RyleBEmUXP3sPOSOC2qQcJbFeh0fjprP6
A3a1yvlfKA6qc+ImjisclWL1lSjj91dhhl5EX/bSDlE3Ovamy8l286kWFn0nZsBk
dnM+C56Y0rwNs8vbGQNDqasDhPWVp0dENPviyTcuDR4yC2/buBSYsRc2boSiDYML
y5MhsttLiOVls0yWep+BZoGSDtrwgFnw8zrWkk/Bv5JimMQZKyc5qm6f83qNG5JY
+IezQTZSMXXSvgTGFkhH6NeIbIjABbgebC560sIGwbwTQkIxTuMCQ2Y4SRjbwDGV
AQT6WzHeGDBfuV2rFz3vEEGhO0S2e4rUMUfh5CI1kMPkwPGb6KcnQJGSHf1eZFEz
xLKJDCEQQJ9lqPped1+8XkKk+O2GiIH/9b/ATP4c8JeD2zAtwf7N5aia+sIxCoj5
JCtAK8lxuQ1ADBn3goaFoktiPPwxtLaUfRjO5q00Opc9K0ZXTUQpnN2aPyRkFTTP
FpOF4abN7uFG+RKETCdJZEOlG7JyREEFklp5PidWuAFb3xy4cJGAtVUVy9uc0pkB
DQRWkYqSAQgA80ZsWQslBife2ekQ0dvLA0aCVrufI1mz04zFBPBuJ7gugW5PYXYj
lKwOJgyhRbVdI0gvhcLCLg5EKcOickfMTN3kDJ56oTcN0TfgK4CVH4RDk4ujh0tH
Lq4L/ooo8l+DGnVKU57pKNcPkzmzlFVKxayTJ8DPB4nZJrzUxrGHWexCGP4MM5r7
9GKfi2sBLUjY0s4IrjF01rzwO2IKwioFMhMGCd8e63emeIKjkS7y/yyen0jfyIA7
ARZtpJq7omOFBN4wwWcKjt8RLxWt9LG+WHPI8yApGiSAvaxhaYyqlE73ILdoaPL/
4sF/4TFLOfRRm50QqC8gHWS9EyVuvVP8ewARAQABtAhUZXN0IEtleYkBOQQTAQgA
IwUCVpGKkgIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEPAuX/13m41A
oPIIAKG0e2+LUmXLZVUUv4uBL06FtJYnYB4U+sv4VHAoxGokR7I5Q3qpHwfUacF4
MASUCFQn0NuYGXC+LWysUcTeAUwlvXWJMfptzrVsP/pc7pvSLWI7xIWyRry8Au/O
fzmZqZHxMYFwcDpV5A9hAax1j65IJBP2mBweBXoGXKdy5uqSNlwlIkQpYcMHUVRE
68JCYBDTwNQO0zHgflZXUan7PGTQgGXuyOgNZ/8AgPNlik26cPOYvcD8x/6t/91l
FdRC9iJCCC9c3DMQoYXfiQV5cDEsDZwc+iG89M7ol9AvGDejM8oeNVKf4EOttosM
p7CuEGG/0j/ck9H5ZuxPy5A374uJAhwEEAECAAYFAlaRitMACgkQdbgFI1sCNd/i
cw//Zkv9rZ+R5syE6t509GlJTamnA4PRQJWY8PJE4aesTCPD33gxeNeA9O1HAAKc
Ni1MFD3rIkETWmNs8O7Z+SZb8CjCdd27svYJVU5yEmjBtOOWSk4LlLNm4p5r8ouj
9o6NsnoFcnkN+/f3cnxaR+wO9Kqt+0ueSJH3MwXFMzY6ef3P/IgnLnJ/d0pwcOa2
L+utN6xez51YzAE+h0ldPqqszSU0eT5EFGIEJW/rCI8/GMSKLjR2jmBjOcMWcfmY
12/WTOwVMNn82YJf3rO9STdBYtB7m9FfpHc45y53DTPx5t0maKQ5ETHlVhZebiH0
6tasnork28D0JsdEDZ2hsZImpclkLURlB6ySMZyhwUJecRHe6LqiAOieV1r1ayFU
TYiCqfzLLO0eKcFznHTukWfeJ/17s8hDPxO2XD3sWYXRvVY6UV5NATS2L3pDtz/M
+dcO0+ppwuWrk1GLtLxyz7+uJaIWJMuwc1MfaqAt4cOo/96Qz7x6hhpKZbCEamHA
vByTpaTEllQUdKrVhfFiTo+Xffj8GU2lSDS1PusMj24z1mft1XajBZQzKOub5/kJ
acpdAPqt9r8bQiW8Ubi1+GDSeqK8r1rvgDYtSidEPS+L+l1UmOCvlmpD6dKHjKlJ
ai32Y3R0177PRgi5SQDuENs6Kj8RU+/y3BDhahUugxQz1U+5AQ0EVpGKkgEIAK5R
i1LjIamSJ/bHVp/a4UihBNvAPrda0MsyDw8vIuQd958BDzcgA673rDxf7LW2FYP1
TWdiUkbBwvN4c7EZGh/ujJ4Y9fokv6vNdRE6+gW6TiMe2GoY5cBt3xnbMWQ0TPF0
5XWCiMc2Mft25NQvNu//B2nbPA+o9ju2w9s+qQVEcM7LVvsDLvpGw4ka40dMU0gB
G5azOx//s24W7dBaujpdANclQdWVXkf1qJbhyWhGhMfND1cAmd5RajR/dToxz7XS
CvzLEdNupp7rWxhEesZMnSlVj500pkfB+MpAA8BPaAFBBJjtgx55UG8AkpVLNB/n
ugsw95S1T3f9NE1RxYEAEQEAAYkBHwQYAQgACQUCVpGKkgIbDAAKCRDwLl/9d5uN
QPnqCADdegwXY8EhZrUa+hLR3ZNVkG3y5tSagpBzYcWvZR2xYHFdA68VZEl9WeS7
I0SvL7ONhpxvGPOkU9Yrr8IjQXYhTHUkezF3gSv+0qEFjGT2GsSWX5+/93KTYSBM
4Lan7Cn4epwhzWI8Xh+vH394mstDwnuJC/rX7ahC2OaWFTM9N1S3Qi4FapHgJ03Z
iN60AwYCx4//PzrAAeSB4I3suHSj9d0T3HLdGZ2SehDtmU4V/EOASSHAloljRDeU
C848RpJOaz1lzjFdZCjXZGYp5mL3L9iUsjwbxDHZtYdjGowgvFCSxoTa9aEZl/uq
9HXh+NzvR2mXWdcLGnRVo0b/vZn1mQENBFaRjAoBCADl+XZW+pRKSjbFTf3H5P/H
hLuieO1RT9POreH4rVQ+XKtvgpIBBj02gzSrRM/GtNX6aJQweNjH7Re4fUhQbIgh
ySJ+S07zXkf4lRBpa3IM35kBn93TbwSuq1VPq2yI1KUitwrXIgSY/YDK54wMA+3m
2VD/cQ2kgIQ1xAyoDE3LRGw1KT2SBOtpVdcMLw+PL/m6HRvhcyY8CCwrGfvkljJn
sVDHZPsAkL61WWkfGddVMJkTJwDs2MnbhbVDGnL2jPp79tbb3SBkfHPZE3oG5cVb
x3mFfryGzhF/qwpTZ+K3Epi80QvqAhwQ4bIHTeehRS1HY7QhcNRJWzDPs0FrDP1N
ABEBAAG0DFRlc3QgS2V5IFR3b4kCHwQwAQgACQUCVpGMhgIdAAAKCRB1uAUjWwI1
3zl2D/4n+qIS2v/95vcDgAcKIWpmzQry2TAla1veI6fbjamZnBIkOQ0OCtga/AnC
IoL2dieJaw66BjHiHsxvN0k3ZhZeg2fupw+itTWJicWY1JweU3egDGMCBz4bpz5d
FjvMPN7Bn/CjXgnP924+/8W+5/qljwoyQ6NgUSYf7It0bkdjZphpfaIrbzQmDZK5
uYv/8Z7J9Yu9KlTXtgNdGxMaq9kWbMIZiyKj+quElLe4X6eLWrFHijv/AjNT4sQr
txJ7FmcAzGZitCLDtdL2FurZd4eBVGFmpO9DSQZHhrMNPasFL7S7Kqcp57Fg7ZY6
fz3ptE1X1wRRqTCSKSrNMP+9ZQQhSIkM/HCCw/ljyaIX9cff1CaCynQZnISU1tAN
kc2GJ9y7RxKqYs91pgDeIHfhOc0qphrv6C3ejYZHEyTgdIuUIOAtUPPTaBXgA0I6
R+qLD9rUga34Bvaa4f417V+ZViiAfWLgU1/9KejVEKNzy4CwJzv0A8sYw2jLamAG
frPHhOSLyPh/k1yb72GhsPcJ7QWkZubdnSzZEE0aqKMwoo8ITeH2YjSnQCM0AXMs
DwKFZiTCzylCygQsgssJNtmiCUxsa/oWpEDA4KhOsHYzrcvmTTJZ0IhMqCUiDbQb
6W6ckxJdqbmTi/Ug50FL2Ze5tkQ7owil9B9M2eaYIrDj/zjUq4kBOQQTAQgAIwUC
VpGMCgIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEKWjt6McVEax08wI
AKLjvarnAj+jt6pEkOktxKw0g+a/6aazrSPv6D0BgmU92WI8/3DZENqShuLk7+Kl
mmKGU9k/QfAKXQG674qMlgfqo6u73M6z1FmcRoxMvAR/0UOkjn6PkMcXNn0HmweT
h9iNhGb4+hjU+js2y7fJYZxSCg0cRFfkzRtGQ3onUEOotu3K5z3CLget+NTqNghE
KvGAFKOjpPOUpXeZgpqDEuP3WMf1nUJ9xlHJTfE3RBRU85CnPFF/HwlSa2KPjviC
zcO0QqjXYi/PyhcejchABqCV+ce6oJ7Qp1RvfgN70cB2HnIVt93MX937HqLdTX/a
7GmDsW1j0uo6bM6NCHSptwWJAhwEEAECAAYFAlaRjDcACgkQdbgFI1sCNd+N6w/9
F6jVVoGsrUBuEcrRJR0O1FIZWHgpkf/dJWM2L2H2WFjEvJNZMDO0PQGSEpMcvF3r
0tYnBz3X+/4wi71gOnJ7bUuksaz1auXXbuK2p3JmnaVDjVo2/B3i7zzpSm+VL58u
C8eBaRC6LHCOHEHUgPmh49wV6/pRLU7mbs9od3Ep2SN/Da411ImIqmCwstQX71y/
VFCkLWMJhzLiD/7vpHlgvFQOqE3h/NaqudnR+BzX0O/BRgUL3Dg4cdDdx5gfIS3e
LTDvA6lTT+5NLBZNy7E8fudS7HNEHCRkWnvXC3NjylurHlOs7bzgEoVnFIjdfhaJ
214sVKsstAmWHfQ5iR82tzlYn2vb596uNxN/kBpshNpBh7orrVshg0vhC6aPQKmr
IBrzAQ9ZDTMHuZQ2pH1D+LXfGTiY3IHFi/tkfrMNnDcsrFhOQd446e6xiZt7Ci2J
B0AO5nMup0h7FTnA5MpSBoNiNwPOke3c9k9+q0nzRuw3VYLPhbk6HGL2ovTdvKuY
pOqiM4zzsw/xP7YXcBFcI27Y6z/bc5cxORE2juCWjcBzlaDR4JC5YyfVOXhwkQDz
9jXNO34wrHPlC7SVggexwphzocqTkP5hYyrhUPb9mBrE6e5Vcxs0/Mixfu/UwZeV
bvFVRhaS19P4MsajuDsw269GiOyjCQ3KZPhFMI1Wrf65AQ0EVpGMCgEIAMBMUK94
zpsTxymQVRE4ttFdJGGemiTEKK5PjrCaymZPGqHtiBYGdt0WtlNnIWOUzLoObFFc
+Yn7UQme+O0Qz73EFhamYIUhRZhgS7jneADod/2XiIs0E76svX1Zb2Gm6EowJq4k
iLGcvIkdpbaVUwbdTfU+ZUeBJVHvq62gsiZS/dU52ZK8o1e4ObgAUZmARP6fdKV6
KkXGhma7dKWDDPABaRJiWU0HdwUgHG8d3YqIPrc2lbkwCo7u3s7c193DgCujDkp+
CsxzF44hd/BNq5vNzg8tI/0cRuT0woTFaSvKty+DhI2thnM55ccxw4JSRyqHWCGr
pew8lbvkBFzF18cAEQEAAYkBHwQYAQgACQUCVpGMCgIbDAAKCRClo7ejHFRGscbk
B/0TEEZexfnbvtjQ5biKfuwnv5xG6vTSI+sIa9W0HSOGl2q0zlWgI+tV/Pr00PpN
5/axNMfMrHYyztSCMOW7ZaOpXLiF7dNkgLW2YzHzhA9dQsLXprvs1aFNwC540R18
KX190+lzQHCkjONS7eGhLCM7G156Xc11SABbTcqPpYLbsnNhFERe3BkzVUsuclAB
QshA/DG61wkp6axuTYMCrM3nKPjKn3peibc7gAaBklN5xf9/H2lBEKQ8RncUAH77
hV4cfGI3+aSGNkBQN7na1vZK8qO0uZXQN30SpHUkoRokOBtys/7u2+XpnhsdkqZS
fa4oRnT6D2bGbbXdehs6T3iZ
=plWJ
-----END PGP PUBLIC KEY BLOCK-----
More information about the Gnupg-users
mailing list