Discovered at
https://github.com/open-keychain/open-keychain/issues/2260 is a
bizarre construct, where a key is its own subkey.
gnupg should notice this misconfiguration and reject the key.
Description
Description
Event Timeline
Comment Actions
I can't see why this should be out-of-spec. In fact I did this my self several times to create keys from other keys.
I agree that a warning might be justified.
Comment Actions
a key that is signed as its own subkey, in a construct where the key and subkey have the same fingerprint? what ever could be a valid use case for such a scenario?
Comment Actions
You have a token with one spare key which you want to use for encryption and certification. And being able to replace the encryption subkey eventually.
Comment Actions
Sorry, I don't understand. Can you describe your use case in more detail?
\\ edit
Ah, scratch that, I think I got it.
The use case as I understand it occurs due to gnupg's way of binding token keys to specific keys in the keyring, which is an implementation detail. I suspect that any user that attempts to do something like this who is not a developer of openpgp software will only get burnt, and I don't see how that is worth losing the identity property of fingerprints in a keyring.