On 12 Oct 2005, at 6:55 AM, Werner Koch wrote:
On Tue, 11 Oct 2005 22:50:34 -0400, David Shaw said:
I support making 0x19 backsigs a MUST.
I concur with David. I am actually a heavy user of signing subkeys
because they allow to keep the primary key offline.
Section 10.1 says:
Each Subkey packet MUST be followed by one Signature packet, which
should be a subkey binding signature issued by the top level key.
For subkeys that can issue signatures, the subkey binding signature
MUST contain an embedded signature subpacket with a primary key
binding signature (0x19) issued by the subkey on the top level key.
And I think this does make it a MUST.
If there should be anything else (or this is wrong, unclear, etc.),
just let me know.
Jon