Hi Peter, Well, that got me thinking, and, I generated some dummy keys with gpg from gnupg-1.4.21-1.fc24.x86_64, gpg2 from gnupg2-2.1.13-2.fc24.x86_64, and neither gpg or gpg2 enabled the authentication capability on the signing key. However, when generating dummy a key with enigmail from thunderbird-enigmail-1.9.6-1.fc24.noarch, enigmail does enable the authentication capability on the signing key. This is NOT because of gnupg defaults, this is problem with enigmail. I still wish there was an easy way to turn off this capability on existing keys.
Thank you, Roy A. Gilmore On 12/05/2016 03:18 AM, Peter Lebbing wrote: > On 05/12/16 00:09, Andrew Gallagher wrote: >> Mathematically, authentication is just a special case of >> signing, so having both S and A on a subkey does not introduce extra >> vulnerabilities (that we know of). > Mathematically, I think you're wrong, it's very vulnerable :-). > Authentication is signing the challenge sent to you by someone else, > signature is signing the data you wish to approve of in some way. So if > I can send you a challenge that would turn into a nice signature of you > authorizing a bank payment to me, that would be easy money. > > However, in practice, a challenge has a different format than a data or > key signature, and they can be differentiated. This isn't math, though. > For RSA, you still do the modular exponentiation of RSA. > > When I brought up the issue some time ago here, I got no response, so I > concluded it's not a problem. I was worried that some future > authentication mechanism might actually produce the same data structure > as a normal signature, but the lack of shared concern made me think it's > probably not an issue then. > >> in such cases it's safer to revoke the key and start >> again. > If this is a signature /subkey/, they can be rotated willy-nilly. Expire > the current signature key, create a new one and delete the private part > of the old signature key. It doesn't need to be revoked. > > Which defaults produce an authentication-capable key by the way? I don't > remember seeing that. > > HTH, > > Peter. > _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
