Binding of an encryption key to an e-mail address

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Binding of an encryption key to an e-mail address

GnuPG - User mailing list

Hi all,
if a user A has a secret (signing/certification) key K and two e-mail adresses A1 and A2, the OpenPGP key consists of the following packets:

  • public key K packet
  • user ID A1 packet
  • signature packet over K and A1 signed with K
  • user ID A2 packet
  • signature packet over K and A2 signed with K

Is it possible to create encryption keys E1 and E2 bound respectively to A1 and A2?

Looking at the packets after E1/E2 creation we got only public key packets binding E1/E2 to K but not to the adresses:

  • public key E1 packet
  • signature packet over K and E1 signed with K
  • public key E2 packet
  • signature packet over K and E2 signed with K

How to create a signature packet over K, A1 and E1 signed with K in GnuPG?

/Ann.



_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|

Re: Binding of an encryption key to an e-mail address

Ángel
On 2021-01-09 at 11:44 +0100, Annie Yousar via Gnupg-users wrote:
> How to create a signature packet over K, A1 and E1 signed with K in
> GnuPG?

Hello Ann

The best way would probably be to use two pgp keys: (K1, A1, E1) and
(K2, A2, E2)

You could have two keys (K, A1, E1) and (K, A2, E2) and selectively
handle one or the other, but they would be merged if someone imported
both.

Any reason not to create two keys?

Best regards


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users