On 21/04/2020 11:40, Romain Lebrun Thauront via Gnupg-users wrote: > I'm using a web mailer called ProtonMail which offer in-browser > cryptography. For that I have to upload some encrypted secret key with > signing and encrypting capabilities to their servers. But their software > wont accept that I upload only the "secret subkeys" keys, without the > "secret master key" key.
This is a potentially interesting hack. I don't see any reason in principle why you can't construct such a key, since the mathematics of keys and subkeys is identical. But there is a big wrinkle coming, and that is how such a mangled key would be understood in practice. If someone were to send you a mail encrypted to your "real" key, would Protonmail understand that it has the correct key material available to decrypt it? After all, the "fake" key that Protonmail knows would have a different (primary) fingerprint from the one your correspondent used to encrypt. It might be possible IFF protonmail tests only the fingerprint of the encryption subkey and ignores that of the primary, but that would be an implementation detail. If you do get it to work though, I would be very interested in your method. :-) -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
