On Wed, Sep 30, 2015 at 2:00 AM, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
On Tue, 29 Sep 2015 20:40, dkg(_at_)fifthhorseman(_dot_)net said:
v4 key and wrap it in a v5 packet, thereby producing a "new key" that's
actually the "same key". So claiming that key material can only be used
as *either* v4 or v5 wouldn't quite be correct.
FWIW: I was thinking about this but that is not limited to OpenPGP. I
can use the same key material for an OpenPGP key, an X.509 key, and an
SSH key. This is actually sometimes useful if you have a single key on
a smartcard.
Have you conducted a proper cross-protocol analysis of what data each
key type is used to sign showing that this interaction doesn't lead to
bad things happening?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
--
"Man is born free, but everywhere he is in chains".
--Rousseau.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp