[Enigmail] Signing subkey - different key id.
ushills
web at ushills.co.uk
Fri Feb 6 02:20:18 PST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I need to see if I have done this correctly, I have created a signing
sub-key as recommended on this mailing list to sign emails on less
trustworthy machines without exposing my primary key.
However, when opening the email the signature does not reference my
primary key and therefore from my perspective appears to indicate that
the email could be sent from someone pretending to be me with a key
they have created themselves.
My primary key id is 0xBE7E87FD, however all signatures come across as
0xCA265DC6 is this how it is supposed to work. I have attached my
public key, can someone verify that this has come from the correct
identity.
Also, I set a different passphrase for the signing sub-key, however,
when sending from thunderbird I have to enter the passphrase from my
primary key not the sub-key, is this correct - it doesn't appear to be
as I do not want any potential key logger to grab my primary key
passphrase however I don't mind it grabbing my sub-key passphrase as I
can revoke that sub-key and create another easily.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJjA7i99A+Y8omXcYRAkdPAJ9kxbdEEMlpOuUFwgiEW2sFYVEeZgCfVbAZ
6YH+/2T7fz6AIxcupQ8hNjI=
=P/Cz
-----END PGP SIGNATURE-----
More information about the Enigmail
mailing list