headers
Daniel A. Nagy | 1 Feb 2009 18:49

Re: "Roles" for subkeys?!

Hi,

Christoph Anton Mitterer wrote:
> On advantage of subkeys is that one can use them independently from the
> primaries, I mean you don't need a copy of the primary private key to
> decrypt data encrypted with a public encryption subkey, or you don't
> need it to sign data with the secret signing subkey.
> gnupg even has some options to create such crippled keys, and they're
> good to use in e.g. less secure like my work PC where every sysadmin
> have access to (Klaus, if you read this, it's not that I wouldn't trust
> you ;) )...

As far as I know, this is the primary use case for subkeys. I have a different
signature subkey on every computer that I use and the same encryption subkey.
The primary key is not installed anywhere.

> So far I don't need subkey roles,... but the problem now is,...
> 
> 1. When some of my LHC/LCG/Grid/etc contacts sends me encrypted data,...
> he doesn't know which encryption subkey to choose, as you've said.
> And thus I'll be probably unable to decrypt the message (at least at
> work).

I think that having different encryption subkeys is pointless. While it is not
in the standard (maybe it should), all OpenPGP implementations encrypt to the
most recent valid encryption subkey.

> 2. When I make signatures with my different subkeys, I'd like that
> people see it when I used my not-so-secure work signing subkey (perhaps
> something that the user agent adds like <User ID> + "(this is my
(Continue reading)

Permalink | Reply |
headers
Christoph Anton Mitterer | 1 Feb 2009 19:15
Gravatar

Re: "Roles" for subkeys?!

Hi Daniel.

On Sun, 2009-02-01 at 18:49 +0100, Daniel A. Nagy wrote:
> As far as I know, this is the primary use case for subkeys. I have a different
> signature subkey on every computer that I use and the same encryption subkey.
> The primary key is not installed anywhere.
That's what I do, but additionally I have multiple encryption subkeys.

> I think that having different encryption subkeys is pointless.
Why? If I'd only have one single encryption subkey and if I'd store it
(including the private key) at work. Klaus our evil sysadmin (just
kidding ;) ) would not only be able to read my business mail, but also
encrypted data sent to my home-address. Or am I messing something up?

> While it is not
> in the standard (maybe it should), all OpenPGP implementations encrypt to the
> most recent valid encryption subkey.
I think that's the default (even with signing subkeys),... but e.g. in
gnupg you can simply specify the key you want to use, if I recall
correctly.

> > 2. When I make signatures with my different subkeys, I'd like that
> > people see it when I used my not-so-secure work signing subkey (perhaps
> > something that the user agent adds like <User ID> + "(this is my
> > unsecury work signing key)".
> Not a bad idea. I think using the user id with your work email address in the
> corresponding subpacket would accomplish this.
Yes, but this wouldn't tell anybody which subkey to use in case of
encryption or to expect in case of signing.
(Continue reading)

Permalink | Reply |
headers
Christoph Anton Mitterer | 1 Feb 2009 18:21
Gravatar

"Roles" for subkeys?!

Hi WG!

Let me just pick the following from another thread up and fork it here:

On Sat, 2009-01-31 at 22:17 -0500, David Shaw wrote:
Subkeys aren't really usable for roles.
> I've always missed that,...

User IDs make great roles.   
> Subkeys can be used by anyone who cares to, so if you have two  
> encryption keys, even though you intend one for "home" and one for  
> "work", you have no way to tell me which one you want me to use, and  
> even if you did, I could use the other one if I wanted to.
On advantage of subkeys is that one can use them independently from the
primaries, I mean you don't need a copy of the primary private key to
decrypt data encrypted with a public encryption subkey, or you don't
need it to sign data with the secret signing subkey.
gnupg even has some options to create such crippled keys, and they're
good to use in e.g. less secure like my work PC where every sysadmin
have access to (Klaus, if you read this, it's not that I wouldn't trust
you ;) )...
So far I don't need subkey roles,... but the problem now is,...

1. When some of my LHC/LCG/Grid/etc contacts sends me encrypted data,...
he doesn't know which encryption subkey to choose, as you've said.
And thus I'll be probably unable to decrypt the message (at least at
work).

2. When I make signatures with my different subkeys, I'd like that
people see it when I used my not-so-secure work signing subkey (perhaps
(Continue reading)

Permalink | Reply |

Gmane