-----BEGIN PGP SIGNED MESSAGE-----
Clive Jones wrote:
I don't think what you're trying to do is a good idea.
I appreciate your concerns, but I do not share your conclusions.
The care I take with a key and its passphrase *is* related to its
value, which is in turn related to its lifetime. I may use a simpler
passphrase for a key that deals with short-term messages than ones
that guard other personal data or that signs other keys. I also
attach a shorter expiration time to those less valuable keys.
I also believe that the more a key is used, the greater chance
of a compromise to due malice *or accident*.
The ability to generate new subkeys seems to match my model.
If my subkey were always as valuable as my master key, why would
I ever generate another subkey?
If the keys have different values, why is it unreasonable to
allow different passphrases? No, it's not the only (or even
best) way to mitigate risk, but I believe it can help.
You suggest:
Isn't it far simpler just to make a separate key-signing key, rather
than looking for a way to do this with subkeys? This is certainly a
method a lot of people have used for years.
I am doing just that. The *only* reason that it is simpler is that
the tools have this limitation. This requires that human beings
recognize that these keys are related (or grant my key-signing key
greater trust than otherwise necessary).
When PGP moved to DSA/DH, this could have been the solution: simply
have two independent keys. That would have been just as unwieldy.
The master/subkey approach recognizes the utility in the tools
understanding a relationship between the keys. That utility does not
depend on the keys having equal value -- in fact, it suggests the
opposite -- nor does it depend on them having the same passphrase.
I'm not suggesting that the tools shouldn't make it easy for someone
to use the same passphrase for all the related keys -- clearly that
suits most people's needs. I'm simply suggesting that they should
allow for more advanced use. And certainly, when faced with
an imported OpenPGP-compliant master/subkey group with different
passphrases, it ought to behave reasonably.
And for what it's worth, GNUPG does behave. (Thanks, Werner :-).
PGP6 does not. I can't buy a personal PGP7 yet (or see source),
so for it, I can't say.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQEVAwUBOoI3ZWNDnIII+QUHAQFBjQf6A10ScY8GV9m6QiIg2pWQw450rJI2h4KN
wmbt5qi+sGnSttzk+kUroY+FKc2yfp1kmgW9Ru1RVIyUo7EU6gZEDc7MbQIt1vZE
i2sxtk8E/0dPyYF2hamlAqAMAkRocHiYrbAWHfVAKQRfYKlNVGrOnHnlrlcdjz/Y
d3zB6UxaJMReKk3tW+lsavd6ORtiaQDe7e0FZpoy+xsQwjmr3ZeuqY3BZt+74XOF
RzpqVwNh5E1pKKMFwRtvLNfYkY6guwICGmpnp2/s67VFEUKxVoeioRBDywg6Ibd3
ZYZZY0E0mZRQLwrL2zWB0dL5J4cxSbqTCf3QwSBTUspYfIMflMVs0w==
=zYrC
-----END PGP SIGNATURE-----