In the interest of learning and understanding, is there a use case where one might actually want to export a sub-key without exporting the primary key? My immediate thought would be if I want to generate sub-keys for each specific device, (e.g.) one for my laptop, one for my iPad, etc. In that case, wouldn’t I want to just export the relevant sub-key to import on a specific device? This is where the learning and understanding part comes in: If I were to do this, am I correct that I might I only be able to sign things on the devices with the sub-keys, but would not be able to decrypt anything or verify signatures? For example, I could write an Email on my iPad and sign it with the iPad’s sub-key, but if someone encrypted a reply using that sub-key, I would not be able to decrypt it, say, on my iPhone. I’m just trying to better understand what can and can’t be done with sub-keys in order to figure out how I should best be using them — and, if my understanding is flawed, whether there really might be a use case for exporting just a sub-key without the primary.
Steve > On Jun 1, 2026, at 5:04 AM, Robert J. Hansen via Gnupg-users > <[email protected]> wrote: > > Signed PGP part >> Another bug the community can confirm. This is a separate issue 'can't >> export subkeys or private keys' There are various options to export secret >> and public keys and subkeys. Steps to repro: export any subkey and the >> primary is always included. Export any private key and the public key is >> always included. What would you say at this rate that is about 20% of your >> frontend GnuPG malfunctioning. > > I would say this behavior goes back to PGP 5.0, so for you to be correct I'd > need to believe this bug had been hiding in plain sight for thirty years. Or > I could simply realize, "this is the standard behavior ever since PGP 5.0," > and move on. > > I elect for option two. I recommend everyone else do the same. > > _______________________________________________ > Gnupg-users mailing list > [email protected] <mailto:[email protected]> > https://lists.gnupg.org/mailman/listinfo/gnupg-users
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
