Mailing List Archive: GnuPG: users

digital signature primary key and encryption subkey

Index | Next | Previous | View Threaded

marcio.barbado at gmail

Nov 17, 2009, 7:00 PM

Post #1 of 8 (1286 views)
Permalink

digital signature primary key and encryption subkey

Hi list,
one lame confusion I'm facing now.

I was reading GnuPG's "Signing Subkey Cross-Certification" page [1],
and as a matter of fact, these two simple doubts did arise.

Suppose one provides the command:

gpg --gen-key

and chooses the default "DSA and Elgamal" option.

1st doubt:
DSA will be the basis for the primary key and Elgamal, the basis for
the encryption subkey, is this assertion correct?

if so, 2nd doubt is:
both my public and private keys will be built upon my DSA primary key
and my Elgamal encryption subkey?

That's all. Regards,

Marcio Barbado, Jr.

[1] http://www.gnupg.org/faq/subkey-cross-certify.en.html

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

dshaw at jabberwocky

Nov 17, 2009, 7:21 PM

Post #2 of 8 (1204 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:

> Hi list,
> one lame confusion I'm facing now.
>
> I was reading GnuPG's "Signing Subkey Cross-Certification" page [1],
> and as a matter of fact, these two simple doubts did arise.
>
> Suppose one provides the command:
>
> gpg --gen-key
>
> and chooses the default "DSA and Elgamal" option.

Note that the default is "RSA and RSA" now, but "DSA and Elgamal" are
still available.

> 1st doubt:
> DSA will be the basis for the primary key and Elgamal, the basis for
> the encryption subkey, is this assertion correct?

Yes.

> if so, 2nd doubt is:
> both my public and private keys will be built upon my DSA primary key
> and my Elgamal encryption subkey?

I'm afraid I don't really understand what you are asking. Your
primary key (DSA) has a public and private part, and uses the DSA
algorithm. Your subkey (Elgamal) has a public and private part, and
uses the Elgamal algorithm. Your subkey is signed by your primary key
to indicate that they belong together.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

marcio.barbado at gmail

Nov 18, 2009, 5:49 AM

Post #3 of 8 (1204 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

Hi David,

On Wed, Nov 18, 2009 at 1:21 AM, David Shaw <dshaw [at] jabberwocky> wrote:
> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>
>> both my public and private keys will be built upon my DSA primary key
>> and my Elgamal encryption subkey?
>
> I'm afraid I don't really understand what you are asking. Your primary key
> (DSA) has a public and private part, and uses the DSA algorithm. Your
> subkey (Elgamal) has a public and private part, and uses the Elgamal
> algorithm. Your subkey is signed by your primary key to indicate that they
> belong together.

Your answer certainly covered more than I expected. Thank you.

So, public parts (from my primary key and my subkey) formed my public
key and the same goes to the private parts and my private key. Is that
correct?

Marcio Barbado, Jr.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

dshaw at jabberwocky

Nov 18, 2009, 6:38 AM

Post #4 of 8 (1198 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:

> Hi David,
>
>
> On Wed, Nov 18, 2009 at 1:21 AM, David Shaw <dshaw [at] jabberwocky> wrote:
>> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>>
>>> both my public and private keys will be built upon my DSA primary key
>>> and my Elgamal encryption subkey?
>>
>> I'm afraid I don't really understand what you are asking. Your primary key
>> (DSA) has a public and private part, and uses the DSA algorithm. Your
>> subkey (Elgamal) has a public and private part, and uses the Elgamal
>> algorithm. Your subkey is signed by your primary key to indicate that they
>> belong together.
>
>
> Your answer certainly covered more than I expected. Thank you.
>
> So, public parts (from my primary key and my subkey) formed my public
> key and the same goes to the private parts and my private key. Is that
> correct?

Yes. "Public key" is frequently shorthand for a number of public keys stuck together with some OpenPGP glue, and the same is true for private keys.

David
_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

marcio.barbado at gmail

Nov 18, 2009, 8:51 AM

Post #5 of 8 (1203 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

Thanks again, David.

The last dumb question, I promise, would be:

how can I see my primary key and my subkey as well?

On Wed, Nov 18, 2009 at 12:38 PM, David Shaw <dshaw [at] jabberwocky> wrote:
> On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:
>
>> Hi David,
>>
>>
>> On Wed, Nov 18, 2009 at 1:21 AM, David Shaw <dshaw [at] jabberwocky> wrote:
>>> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>>>
>>>> both my public and private keys will be built upon my DSA primary key
>>>> and my Elgamal encryption subkey?
>>>
>>> I'm afraid I don't really understand what you are asking. Your primary key
>>> (DSA) has a public and private part, and uses the DSA algorithm. Your
>>> subkey (Elgamal) has a public and private part, and uses the Elgamal
>>> algorithm. Your subkey is signed by your primary key to indicate that they
>>> belong together.
>>
>>
>> Your answer certainly covered more than I expected. Thank you.
>>
>> So, public parts (from my primary key and my subkey) formed my public
>> key and the same goes to the private parts and my private key. Is that
>> correct?
>
> Yes. "Public key" is frequently shorthand for a number of public keys stuck together with some OpenPGP glue, and the same is true for private keys.
>
> David

Marcio Barbado, Jr.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

John at Mozilla-Enigmail

Nov 18, 2009, 1:20 PM

Post #6 of 8 (1202 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

M.B.Jr. wrote:
> Thanks again, David.
>
> The last dumb question, I promise, would be:

There aren't any dumb questions.

> how can I see my primary key and my subkey as well?

$ gpg --list-key 0x0x608d2a10
pub 1024D/608D2A10 2003-03-06
uid John P. Clizbe <JPClizbe [at] Earthlink>
uid [jpeg image of size 4563]
sub 2048g/EF4010D2 2003-03-06

608D2A10 is a 1024-bit DSA key. Subkey EF4010D2 is 2048-bit El Gamal.

--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys [at] gingerbear?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

jmoore3rd at bellsouth

Nov 18, 2009, 4:34 PM

Post #7 of 8 (1190 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Clizbe wrote:
> M.B.Jr. wrote:
>> Thanks again, David.
>>
>> The last dumb question, I promise, would be:
>
> There aren't any dumb questions.

Yes, there are! They are the Questions that _were_never_ asked!

JOHN ;)
Timestamp: Wednesday 18 Nov 2009, 19:34 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page: http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJLBJKhAAoJEBCGy9eAtCsP3jcIAKOAy3S48Ngu+Ea+muRbr6Vl
ci/lWWJqH3OArDL0Y7baBvTzIoYzqsUCkLi9eJj5Xe9x5z2M0xm+yA0tt1SyPjHN
+eC/xdMNzVJA9QmVGteUgDdDjxisROqgZJGV81GsBdyc/KC7WP+O5F49zYl6fYb3
vRMqBVBtmZx0Obs50L5FbdCpcqXKR8MyKDZ36VZBWrt8TTm59FjauXhqn56s7E1m
VxeXItZCLmOmIpEoaEzH7TVds0g9GF0DfFG3An2fyaci0bGxNpkM15GFmkMTEPAb
Z9WzOdyCjr4GBEzBKCz6jxh4lFAE2/Ayh4hXezFWF31Pf8lbYR9ceIT14Moxtrg=
=eNLs
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

rjh at sixdemonbag

Nov 18, 2009, 5:34 PM

Post #8 of 8 (1198 views)
Permalink

Re: digital signature primary key and encryption subkey [In reply to]

John W. Moore III wrote:
> Yes, there are! They are the Questions that _were_never_ asked!

Japanese: 聞くのは一時の恥、聞かぬのは一生の恥
English: "If you ask, you'll feel stupid for a minute.
If you don't, you'll be stupid forever."

(The translation is pretty far from literal.)
_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads