[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Does the Debian gpg key infrastructure support multiple sub-keys?

On Fri, Oct 22, 2004 at 09:09:53PM -0300, Henrique de Moraes Holschuh wrote:
> On Fri, 22 Oct 2004, Rob Browning wrote:
> > If I added a new sign/encrypt sub-key to my Debian key, would I be
> > able to use that to sign and upload packages?  Would the Debian
> 
> Yes, mostly.  Some stuff (db.d.o and vote.d.o come to mind, but I am not
> sure about that) require you to always sign using the master key.

db.debian.org for sure requires you to use your master key to do things
like changing your SSH public key, or your password.

Last time I voted I asked Manoj about it, and he said he was babysitting
GnuPG to handle subkeys I believe. Manoj, what is the status of a newer,
more function GnuPG on master for devotee?

> The archive tools don't care and will use subkeys happly, as they
> should (either that, or debsign is being quite ingenuous and telling
> gpg to always use the master key :-) thus I never noticed any
> problems).

The archive tools do work fine with subkeys. I don't even have my main
key on my primary workstation, and always use my signing subkey to
upload packages with.

-- 
gram
Reply to: