Separate Fingerprint for elGamal-Subkey?
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
Separate Fingerprint for elGamal-Subkey?
by Pitigrilli
::
Rate this Message:
Someone to whom I had recently sent my public key just called me to verify the Fingerprint of my key, created with gpg4win-1.1.3. I chose my key pair in the Windows privacy Tray and double clicked on it to tell him the fingerprint, and he confirmed it. The guy then told me "Now let's check the fingerprint of the elGamal-key." My reaction: "???". I could not find a separate fingerprint for the elGamal subkey (though threre is a respective subkey in my public key), neither with this software nor in the GNU privacy assistant. I did some research on the web and did not find any references to a separate "elGamal-fingerprint". Thus the guy insisted that his PGP-Software does display it (unfortunately I do not know which SW he uses). I thought that there is only one fingerprint and that this would be sufficient to confirm the integrity of the public key. Can any please provide me with some information? Thanks, Pitigrilli
|
|
|
Re: Separate Fingerprint for elGamal-Subkey?
by Robert J. Hansen-3
::
Rate this Message:
Pitigrilli wrote:
> I thought that there is only one fingerprint and that this would be > sufficient to confirm the integrity of the public key. Can any please > provide me with some information? Thanks, Pitigrilli rjh@chronicles:~$ gpg --fingerprint --fingerprint --list-key 0x5b8709eb pub 1024D/5B8709EB 2004-05-20 Key fingerprint = B3FE 45FB 64FD 9C26 8D7D A064 7AE5 1D9C 5B87 09EB << uid lines snipped >> sub 1024g/D0C6AAE4 2004-05-20 Key fingerprint = AB04 6B60 C352 390A BE98 F44D C8F7 33D0 D0C6 AAE4 sub 2048g/71E177DB 2007-03-20 Key fingerprint = 1946 3571 6DB0 8689 ECBA 3F9D 0083 E95E 71E1 77DB sub 2048D/8D02BBB3 2007-03-20 Key fingerprint = 400D F79C 49B5 2F00 8EC8 225D 7F65 C1CA 8D02 BBB3 Hope this example helps. _______________________________________________ Gnupg-users mailing list Gnupg-users@... http://lists.gnupg.org/mailman/listinfo/gnupg-users |
|
|
Re: Separate Fingerprint for elGamal-Subkey?
by David Shaw
::
Rate this Message:
On Fri, Oct 19, 2007 at 05:47:51AM -0700, Pitigrilli wrote:
> > Someone to whom I had recently sent my public key just called me to verify > the Fingerprint of my key, created with gpg4win-1.1.3. I chose my key pair > in the Windows privacy Tray and double clicked on it to tell him the > fingerprint, and he confirmed it. The guy then told me "Now let's check the > fingerprint of the elGamal-key." My reaction: "???". I could not find a > separate fingerprint for the elGamal subkey (though threre is a respective > subkey in my public key), neither with this software nor in the GNU privacy > assistant. I did some research on the web and did not find any references to > a separate "elGamal-fingerprint". Thus the guy insisted that his > PGP-Software does display it (unfortunately I do not know which SW he uses). > I thought that there is only one fingerprint and that this would be > sufficient to confirm the integrity of the public key. Can any please > provide me with some information? Thanks, Pitigrilli To list both primary and subkey fingerprints, just list --fingerprint twice: gpg --fingerprint --fingerprint However, you are correct that (outside of some special circumstances) the primary key fingerprint is sufficient. When you identify an OpenPGP key, you are really identifying the primary key. The user IDs are attached to the primary. When you sign a key for someone, you are signing the primary and user ID. Subkeys get their 'trust' via a signature from the primary key, not directly. David _______________________________________________ Gnupg-users mailing list Gnupg-users@... http://lists.gnupg.org/mailman/listinfo/gnupg-users |
|
|
Re: Separate Fingerprint for elGamal-Subkey?
by Sven Radde-3
::
Rate this Message:
Hi!
Pitigrilli schrieb: > I thought that there is only one fingerprint and that this would be > sufficient to confirm the integrity of the public key. All your subkeys are signed by your primary key (see "gpg --list-sigs", the lines with "sig" after each "sub" line). Therefore, verifying the fingerprints of subkeys is not necessary (or particularly sensible - IMHO) if the main fingerprint and its signatures on the subkeys are OK. cu, Sven _______________________________________________ Gnupg-users mailing list Gnupg-users@... http://lists.gnupg.org/mailman/listinfo/gnupg-users |
| Free embeddable forum powered by Nabble | Forum Help |
