@bascule Wha?
@dvanduzer @matthew_d_green there are also signing subkeys in addition to auth subkeys! :o
-
-
@dvanduzer@matthew_d_green also I don't make this stuff. I'm just trying to figure out how it works -
@bascule@matthew_d_green oh, I'm not doubting that. keeping crypto obscure is in the commercial interest of crypto vendors.
End of conversation
New conversation -
-
-
@bascule@matthew_d_green reading up a bit, subkeys are *roughly* similar to the function of encryption keys re: forward secrecy -
@dvanduzer@matthew_d_green one primary (signing) key can have multiple enrolled subkeys. It's a "has many" relationship -
@bascule@matthew_d_green right, the signing key "publishes" an encryption key (by signing it) so you can airgap your identity or something -
@dvanduzer@matthew_d_green but they're long-lived keys, and you can also sign signing subkeys (or auth keys) -
@bascule a separate operation to *sign* a subkey? not sure what else creates the relationship other than signing with the primary. -
@dvanduzer it's just signing a signing key, kind of like an intermediate CA -
@bascule all this hullaballoo is about isolating the primary key as your DIGITAL IDENTITY which is a terrible, horrible lie. -
@dvanduzer see this email for my thoughts on that: https://www.mail-archive.com/messaging@moderncrypto.org/msg01296.html …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.