Quantcast

how to create a non default PGP master key?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

how to create a non default PGP master key?

Lou Wynn

Hi,

I want to create a master encryption RSA key without self signature on it, or to sign it with another key during the generation process. What's the best way to do it?

When I follow example code to create either a PGPSecretKey or PGPKeyRingGenerator, the default behavior is generating a self-signature using the private key, and this fails when the key pair is a standalone encryption key. Can anyone point me to a good starting place to code what I want?

-- 
Thanks,
Lou
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to create a non default PGP master key?

David Hook

By convention master keys are supposed to be signing keys. If you want to sign multiple keys with another key the best approach is to establish the signing key as the master and then sign encryption subkeys off it.

Regards,

David

On 03/01/17 19:03, Lou Wynn wrote:

Hi,

I want to create a master encryption RSA key without self signature on it, or to sign it with another key during the generation process. What's the best way to do it?

When I follow example code to create either a PGPSecretKey or PGPKeyRingGenerator, the default behavior is generating a self-signature using the private key, and this fails when the key pair is a standalone encryption key. Can anyone point me to a good starting place to code what I want?

-- 
Thanks,
Lou


Loading...