@matthew_d_green the OpenPGP applet on a Yubikey gives you 3 slots: signing, encryption, and authentication...
@dvanduzer @matthew_d_green one primary (signing) key can have multiple enrolled subkeys. It's a "has many" relationship
-
-
@bascule@matthew_d_green right, the signing key "publishes" an encryption key (by signing it) so you can airgap your identity or something -
@dvanduzer@matthew_d_green but they're long-lived keys, and you can also sign signing subkeys (or auth keys) -
@bascule a separate operation to *sign* a subkey? not sure what else creates the relationship other than signing with the primary. -
@dvanduzer it's just signing a signing key, kind of like an intermediate CA -
@bascule all this hullaballoo is about isolating the primary key as your DIGITAL IDENTITY which is a terrible, horrible lie. -
@dvanduzer see this email for my thoughts on that: https://www.mail-archive.com/messaging@moderncrypto.org/msg01296.html …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.