On Thu, 20 Oct 2016 12:29, [email protected] said: > If I recall correctly, GPG private keys are stored under symmetric > encryption where a PBKDF derives the symmetric encryption key, > protecting the keys in case of compromise. Having separate passwords per > subkey implies that each key is encrypted and stored separately. This
Right. However, gpg tries to make sure that the same passphrase is used for the primary and the subkeys. This has always been the case. A new thing we do in 2.1 is to try a cached passphrase from any key on the keyblock. This solves the common use case to first decrypt a message (using a subkey) and then send a signed reply (using the primary key). Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpkJ4MHAsf7n.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
