Mailing List Archive

Binding of an encryption key to an e-mail address
Hi all,
if a user A has a secret (signing/certification) key K and two e-mail
adresses A1 and A2, the OpenPGP key consists of the following packets:

* public key K packet
* user ID A1 packet
* signature packet over K and A1 signed with K
* user ID A2 packet
* signature packet over K and A2 signed with K

Is it possible to create encryption keys E1 and E2 bound respectively to
A1 and A2?

Looking at the packets after E1/E2 creation we got only public key
packets binding E1/E2 to K but not to the adresses:

* public key E1 packet
* signature packet over K and E1 signed with K
* public key E2 packet
* signature packet over K and E2 signed with K

How to create a signature packet over K, A1 and E1 signed with K in GnuPG?

/Ann.
Re: Binding of an encryption key to an e-mail address [ In reply to ]
On 2021-01-09 at 11:44 +0100, Annie Yousar via Gnupg-users wrote:
> How to create a signature packet over K, A1 and E1 signed with K in
> GnuPG?

Hello Ann

The best way would probably be to use two pgp keys: (K1, A1, E1) and
(K2, A2, E2)

You could have two keys (K, A1, E1) and (K, A2, E2) and selectively
handle one or the other, but they would be merged if someone imported
both.

Any reason not to create two keys?

Best regards


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users