ietf-openpgp

Re: OpenPGP Sub Keys (Was: key flag for authentication)

2003-06-16 04:40:35

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings,

On Mon, 16 Jun 2003 09:18:09 +0100, you wrote:

Imad R. Faiad wrote:
I would like to propose that signing sub keys be disallowed 
in OpenPGP.

This would stop people keeping their master signing key on a more secure
offline machine, and using it to sign shorter-lifetime signing subkeys
which can be used on a day-to-day basis to sign messages :(

If you are so paranoid, why don't you keep all your PGP keys
in a "more secure offline machine" and use PGP solely on it?
Should you have a need for shorter-lifetime signing keys,
just generate master keys explicitly for that purpose.

As I understand it, sub keys are only justified in the following
circumstances:-
1) When the public key algorithm does not support encryption 
(e.g. DSA).
2) In agreement with a school of thought, which recommends that
   it is good practice not to use the same key for signing and
   encryption.

(2) is vital in countries where decryption but not signature keys can be
seized by law enforcement agencies and others:
http://www.acsac.org/2000/papers/47.pdf

If indeed you have such needs, there is nothing to preclude you from generating
two distinct keys, one for signing and the other for encryption.

Any other arguments beyond the above are just
eccentricities, and will be better addressed by creating another key.

Another "eccentricity" I am fond of is short-lifetime encryption subkeys
that can be deleted once they have expired, reducing the impact of the
above-mentioned key seizure powers. I currently (manually) generate such
keys valid for one month; if I ever got round to automating this, I
would go for a week or less...
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA127BBD5

I think there is a very serious flaw in the OpenPGP WOT when
it comes to v4 keys; sub keys literally have blown a hole in it,
and created a nice backdoor resulting in what I call a Web of Mistrust...

Whatever one feels about sub keys, I think that this WOT
issue ought to be addressed.

my 2c

Best Regards

Imad R. Faiad


-----BEGIN PGP SIGNATURE-----
Version: 8.0.2irf
Comment: KeyID: 0xBCC31718833F1BAD
Comment: Fingerprint: 75CD 96A7 8ABB F87E  9390 5FD7 2A88 4F45

-----END PGP SIGNATURE-----