On 03/14/2014 10:24 AM, Peter Pentchev wrote:
Hm, how exactly would this deal with the existence of multiple signing
subkeys, all associated with the same master public key? Your current
proposal explicitly allows for that, using the key IDs; I guess there
might be a need to include *both* the fingerprint of the master key
*and* some kind of identification of the subkey actually used for
signing.
Vincent's original spec says:
It is common for an OpenPGP key bundle to contain multiple keys that
are capable of producing signatures. For instance, this is the case
when the primary certification key and a subkey both have their signing
flags set (see Section 5.2.3.21 of RFC 4880). When a user wishes to
create a ring signature that includes a key ID in a bundle that
contains other keys capable of signing, it would make sense to include
all signing-capable keys in the ring signature.
But I'm not convinced by this last conclusion. Why include all the
signing-capable keys? I have a primary signing-capable key and a subkey
that is also signing-capable. When i sign this message, i will only
sign it with one of them. What is the rationale for including all the
keys? It seems like it just makes the signature creation take longer,
and i don't see the benefit. presumably the signing keys are likely to
be all controlled by the same person, right?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp