ietf-openpgp
[Top] [All Lists]

RE: OpenPGP Sub Keys (Was: key flag for authentication)

2003-06-16 01:18:18

Imad R. Faiad wrote:
I would like to propose that signing sub keys be disallowed 
in OpenPGP.

This would stop people keeping their master signing key on a more secure
offline machine, and using it to sign shorter-lifetime signing subkeys
which can be used on a day-to-day basis to sign messages :(

As I understand it, sub keys are only justified in the following
circumstances:-
1) When the public key algorithm does not support encryption 
(e.g. DSA).
2) In agreement with a school of thought, which recommends that
   it is good practice not to use the same key for signing and
   encryption.

(2) is vital in countries where decryption but not signature keys can be
seized by law enforcement agencies and others:
http://www.acsac.org/2000/papers/47.pdf

Any other arguments beyond the above, are just 
eccentricities, and will be better addressed by creating another key.

Another "eccentricity" I am fond of is short-lifetime encryption subkeys
that can be deleted once they have expired, reducing the impact of the
above-mentioned key seizure powers. I currently (manually) generate such
keys valid for one month; if I ever got round to automating this, I
would go for a week or less...
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA127BBD5