
Re: [openpgp] Clarify status of subkeys with certification use

2018-05-27 12:00:28
On 05/27/2018 11:32 AM, Neal H. Walfield wrote:
> On Fri, 25 May 2018 12:26:54 +0200,
> Leo Gaspard wrote:
>> Another use case supporting this opinion: certification subkeys are also
>> a way to increase the security of an offline OpenPGP key, as with them
>> it becomes possible to put the master key behind a diode while still
>> being able to certify keys, and only ever move data out:
>
> FWIW, this workflow does not require certification subkeys.  You can
> instead create two keys, an offline key and an online
> certification-only key.  Then, you *t*sign the certification key using
> the offline key.  This means that anyone who adds your offline key as
> a trusted introducer will automatically trust your online
> certification key.  Check out Section 6.3.12 of the following text for
> more details:
>
>   https://gnupg.org/ftp/people/neal/an-advanced-introduction-to-gnupg/an-advanced-introduction-to-gnupg.pdf
>
> :) Neal

Indeed it's already possible, the issue with this solution being that
people willing to rely on signatures by the master key now need to
download two keys (the master key and the trusted introducer), and
another one after any compromise, while certification subkeys are
downloaded and updated at the same time as the master key, thus making
for a more easy-to-use WoT.

Then, I do agree that it's a somewhat infrequent use case, which is the
reason why I did not post it here until you came up with a more convincing
one :)

Leo

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
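The two delegation schemes compared in this exchange, as an added illustration that is not code from the thread, from GnuPG or from RFC 4880: a small model of trust-signature (tsig) semantics in which a relying party's keyring holds only the certificates it has actually downloaded. Scheme (a) is Neal's: an offline key trust-signs a separate online certification-only key. Scheme (b) is Leo's: a certification-capable subkey bound to the same certificate, so its signatures count as the primary's. Fingerprints, the `SELF` issuer sentinel and the `cert_subkeys` attribute are constructed for the example; only fully trusted signatures are modelled, and regular expressions, revocation and expiry are left out.

```python
"""Model of OpenPGP trust-signature key validity (illustration only).

Trust signature depth follows RFC 4880 section 5.2.3.13: depth 0 is a
plain certification, depth 1 makes the signed key a trusted introducer,
depth n>1 lets it issue trust signatures of depth n-1.  Fingerprints
below are constructed placeholders, not real key material.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Certification:
    issuer: str      # fingerprint of the (sub)key that made the signature
    target: str      # fingerprint of the certificate being certified
    depth: int = 0   # 0 = plain certification, >= 1 = trust signature

    # The relying party's own signatures use this constructed sentinel.
SELF = "SELF"


@dataclass
class Certificate:
    fpr: str
    # Scheme (b): subkeys whose certifications count as the primary's.
    cert_subkeys: frozenset = field(default_factory=frozenset)


def key_validity(keyring, certs, own_sigs):
    """Return the set of fingerprints the relying party considers valid.

    keyring  : dict fpr -> Certificate the relying party has downloaded
    certs    : Certifications carried on the downloaded certificates
    own_sigs : the relying party's own signatures (issuer == SELF)
    """
    # Map every (sub)key fingerprint to the primary certificate owning it.
    owner = {}
    for cert in keyring.values():
        owner[cert.fpr] = cert.fpr
        for sub in cert.cert_subkeys:
            owner[sub] = cert.fpr

    # A third-party signature is only usable if the issuer's certificate
    # has been downloaded too; otherwise it cannot even be verified.
    usable = [c for c in certs if c.issuer in owner and c.target in keyring]

    # Seed introducer depth from the relying party's own trust signatures,
    # then propagate: a key trusted at depth d >= 2 may confer depth
    # min(d - 1, tsig depth) on keys it trust-signs.
    introducer = {}
    for c in own_sigs:
        if c.target in keyring and c.depth >= 1:
            introducer[c.target] = max(introducer.get(c.target, 0), c.depth)
    changed = True
    while changed:
        changed = False
        for c in usable:
            d = introducer.get(owner[c.issuer], 0)
            if d >= 2 and c.depth >= 1:
                new = min(d - 1, c.depth)
                if new > introducer.get(c.target, 0):
                    introducer[c.target] = new
                    changed = True

    # Valid keys: those the relying party signed directly, plus those
    # certified by any key that is an introducer for the relying party.
    valid = {c.target for c in own_sigs if c.target in keyring}
    valid |= {c.target for c in usable
              if introducer.get(owner[c.issuer], 0) >= 1}
    return valid


def scenario_separate_keys(fetch_online_key=True, own_depth=2):
    """Scheme (a): offline key trust-signs a separate online cert key."""
    offline, online, bob = (Certificate("OFFLINE-FPR"),
                            Certificate("ONLINE-FPR"), Certificate("BOB-FPR"))
    certs = [
        Certification("OFFLINE-FPR", "ONLINE-FPR", depth=1),  # tsign
        Certification("ONLINE-FPR", "BOB-FPR"),               # plain cert
    ]
    keyring = {c.fpr: c for c in (offline, bob)}
    if fetch_online_key:          # the second download Leo refers to
        keyring[online.fpr] = online
    own = [Certification(SELF, "OFFLINE-FPR", depth=own_depth)]
    return key_validity(keyring, certs, own)


def scenario_certification_subkey():
    """Scheme (b): certification subkey inside the one certificate."""
    neal = Certificate("NEAL-FPR", cert_subkeys=frozenset({"NEAL-CERT-SUB"}))
    bob = Certificate("BOB-FPR")
    certs = [Certification("NEAL-CERT-SUB", "BOB-FPR")]
    keyring = {c.fpr: c for c in (neal, bob)}   # one download, one refresh
    own = [Certification(SELF, "NEAL-FPR", depth=1)]
    return key_validity(keyring, certs, own)


if __name__ == "__main__":
    print("separate keys, both fetched:", sorted(scenario_separate_keys()))
    print("separate keys, online key not fetched:",
          sorted(scenario_separate_keys(fetch_online_key=False)))
    print("certification subkey:", sorted(scenario_certification_subkey()))
```

Running the scenarios shows the asymmetry Leo describes: in scheme (a) Bob's key is valid only if the relying party has fetched the online certification key as well as the offline key (and has given the offline key a trust signature of depth at least 2, since a depth-1 introducer's trust signatures do not chain), whereas in scheme (b) a depth-1 trust signature on the single certificate suffices and the subkey arrives with the ordinary refresh of that certificate.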
