[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PoP & Signer's User ID subpacket?
Sure, this is fine... Theoretically the real key owner should have
access to both private keys at the same time, so this shouldn't be an
issue. Using a subpacket is fine. I still belive this is a MUST ;)
David Shaw <dshaw@xxxxxxxxxxxxxxx> writes:
> > I think this is exactly where a notary-style double-signature is
> > useful (and should be required as a MUST).
> So, the primary signs the subkey as before and then the subkey
> notarizes (0x50 sig) this signature? That sounds good, but we'll end
> up with two signature packets after the signing subkey. I'm afraid it
> would be likely to confuse pre-2440bis implementations which don't
> expect to see that extra signature there.
> If we put the subkey-on-primary signature IN the original
> primary-on-subkey signature (as a new subpacket), then it won't break
> older implementations.
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@xxxxxxx PGP key available