On Mar 14, 2014, at 7:24 AM, Peter Pentchev <roam(_at_)ringlet(_dot_)net> wrote:
Hm, how exactly would this deal with the existence of multiple signing
subkeys, all associated with the same master public key? Your current
proposal explicitly allows for that, using the key IDs; I guess there
might be a need to include *both* the fingerprint of the master key
*and* some kind of identification of the subkey actually used for
signing.
Well, today, the KeyID is exactly that -- the identifier for a key. You have to
backtrack from the signing key to its owner in your key database. There's
nothing to stop me from using the same signing key in multiple masters. Despite
any distress that may give, it can't be stopped, so we might as well embrace it.
Jon
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp