[no cc:s please] On Thursday 30 October 2003 00:17, Trevor Perrin wrote: [subkey signatures - embedding the primary to avoid misattribution] > The case I was thinking of, where key re-use might occur, is in something > like a smartcard, or a delegated signing server. This might have limited > key storage, or it might not be able to generate new keys (not enough > power, or not enough randomness). If different users share the device, > they each might want to certify the device's subkey as belonging under > their own primary key. > > The device would want to make sure each of it's signatures are attributable > to the right primary key. If every signature is a back-signature, this is > accomplished. The hash of the primary would be over the public key? So the holder of the secret subkey can make his subkey signature appear to come from whatever primary he wants, he doesn't need the secret (primary) key. So, in your scenario, sharing the secret subkey will effectively mean that each can make signatures that will verify with the other's primary. Or do I misunderstand someting here? cheers -- vbi -- featured product: vim - http://vim.org
Attachment:
pgpFONtSrFrPT.pgp
Description: signature