ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Fingerprints

2015-04-24 19:57:15
On Mon, 2015-04-20 at 18:18 +0200, Vincent Breitmoser wrote: 
Definitely in favor of including key usage flags. I can't think of a
reason these should ever be mutable over the lifetime of a key, at least
in the incarnation of the key material identified by one fingerprint.

Or actually, we should perhaps make primary keys to be generally
certifying-only keys.

Not sure about that, primary keys with more than C capability can have
legitimate use cases.
But that in case makes a valid use case where one wants to change the
the usage flag.
E.g. consider you have a private key where you want to add/remove enc or
signing flags.

IMHO, having subkeys is extremely cheap, probably even for very lowcost
embedded systems (don't even the OpenPGP cards support multiple keys
these days).

So there should be no reason where you every really need to change the
usage of an existing primary/sub key,... just create a new one (which is
probably even more secure).


It may be even possible to let the keyservers benefit from this:
Conceptually the keyservers should never remove primary keys (and their
direct signature) for security reasons (this would mean one would also
loose revocations, etc.)
For historical reasons, I'd also say, they should never remove signing
subkeys (because another user may need it 20 years later to verify a
signature).
But in principle there's no strong reason to keep the enc keys after
these have been revoked or expired (of course the revocation and the
subkey binding sigs must be kept).



Cheers,
Chris.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
<Prev in Thread] Current Thread [Next in Thread>