On Tue, Oct 11, 2005 at 01:44:53PM -0700, Jon Callas wrote:
On 5 Oct 2005, at 2:11 PM, Hal Finney wrote:
0x18: Subkey Binding Signature
This signature is a statement by the top-level signing key that
indicates that it owns the subkey. This signature is calculated
directly on the subkey itself, not on any User ID or other
packets. A signature that binds a signing subkey also has an
embedded signature subpacket in this binding signature which
contains a 0x19 signature made by the signing subkey on the
primary key.
The signature is actually calculated over both the primary key and
subkey packets, although here it says it is not calculated over any
other packets.
(A separate issue is that the last sentence here should have a SHOULD:
"A signature that binds a signing subkey SHOULD have an embedded...")
Done.
Wondering - should the embedded 0x19 signature be a MUST? Lacking a
0x19 allows the signing subkey to be "stolen" onto another primary
key.
David
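
The check discussed in this thread, as an added example that is not part of the original messages or of any OpenPGP implementation: it parses a v4 0x18 binding signature body and reports whether a signing-capable subkey carries an embedded 0x19 signature. It is a structural check only (a real verifier must also verify the 0x19 cryptographically); the helper names, the sample signatures, and the choice to treat missing key flags as "may sign" are assumptions.

```python
KEY_FLAGS, EMBEDDED_SIG, FLAG_SIGN = 27, 32, 0x02  # RFC 4880 subpacket types, flag

def subpackets(area):
    """Yield (type, body) for each subpacket in a v4 subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        n = 1 if first < 192 else 2 if first < 255 else 5  # length-of-length
        if i + n > len(area):
            raise ValueError("truncated subpacket length")
        if n == 1:
            length = first
        elif n == 2:
            length = ((first - 192) << 8) + area[i + 1] + 192
        else:
            length = int.from_bytes(area[i + 1:i + 5], "big")
        i += n
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket length")
        yield area[i] & 0x7F, area[i + 1:i + length]  # mask the critical bit
        i += length

def split_v4_sig(body):
    """Return (sig_type, hashed_area, unhashed_area) of a v4 signature body."""
    if len(body) < 6 or body[0] != 4:
        raise ValueError("not a v4 signature body")
    hlen = int.from_bytes(body[4:6], "big")
    ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
    if len(body) < 8 + hlen + ulen:
        raise ValueError("truncated signature body")
    return body[1], body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen]

def binding_has_backsig(body):
    """False when a signing-capable 0x18 binding carries no embedded 0x19."""
    sig_type, hashed, unhashed = split_v4_sig(body)
    if sig_type != 0x18:
        raise ValueError("not a subkey binding signature")
    # Key flags are only trusted from the hashed (signed) area.
    flags = [b[0] for t, b in subpackets(hashed) if t == KEY_FLAGS and b]
    if flags and not flags[0] & FLAG_SIGN:  # assumption: no flags = may sign
        return True
    both = list(subpackets(hashed)) + list(subpackets(unhashed))
    return any(t == EMBEDDED_SIG and split_v4_sig(b)[0] == 0x19 for t, b in both)

def subpkt(kind, body):  # builder for constructed sample data (short bodies)
    return bytes([len(body) + 1, kind]) + body

def sig(sig_type, hashed=b"", unhashed=b""):  # constructed body, MPIs omitted
    return (bytes([4, sig_type, 1, 8]) + len(hashed).to_bytes(2, "big") + hashed
            + len(unhashed).to_bytes(2, "big") + unhashed + b"\x00\x00")
```
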