Can a PGP subordinate key be used as a web of trust signing key?

No, not according to the OpenPGP Proposed Standard. A subordinate key (a subkey) cannot sign (certify) others' keys instead of the master key ( ...

Is the PGP Web of Trust / Keyserver infrastructure permanently ...

The basic idea is totally fine, but you have to be somewhat picky whom to trust (a.k.a. the Vouch, see link above). The concepts behind OpenPGP ...

Web of trust - Wikipedia

In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a ...

What is the purpose of subkeys : r/GnuPG - Reddit

The web of trust aspects of PGP are often ignored, however large software projects which have multiple developers will often sign keys to ...

Why does GPG/PGP by default use different keys for signing ...

Technically it's entirely feasible and supported by GnuPG to create a signing AND encrypting sub-key. pub 2048R/YYYYYYYY created: 2013-08-13 ...

Comprehensive Yet Simple Guide for GPG Key/Subkey Encryption ...

Until a user requests for an update to your updated public GPG key, he/she will continue to use your 'old' GPG keys (including subkeys) and ...

OpenPGP: Web of Trust and Key Signing Parties (Part 2)

It consists of trust relationships between a group of keys. A key signature is used to establish the authenticity of the link between a public ...

GPG - why am I encrypting with subkey instead of primary key?

TL;DR Subkeys make key management much easier by separating the cryptographic functions of public keys from the trust and identity functions of ...

Key Management - GnuPG

Key signatures are also used in a scheme known as the web of trust to extend certification to keys not directly signed by you but signed by others you trust.

Key Management: Public/Subordinate key - Stack Overflow

Short version: keys are tagged and used for different types of functions. For example, the primary key must be a signing key. Subordinate ...

PGP Web of Trust: Delegated Trust and Keyservers - Linux Foundation

A trust-signature is basically a way to say: “if you trust my key, you may also give the same amount of trust to these keys I've trust-signed.”.

PGP and the Web of Trust - YouTube

Comments8 · Digital Certificates: Chain of Trust · Taming Kerberos - Computerphile · Managing Your PGP Keys · Prime Numbers & RSA Encryption ...

Subkeys - Debian Wiki

OpenPGP further supports subkeys, which are like the normal keys, except they're bound to a primary key pair. A subkey can be used for signing ...

GPG - Juan Cruz Viotti

Web of trust · The responsibility of validating public keys is delegated to people you trust · You automatically trust anyone that the people you trust has ...

How to Sign Keys and What is the GPG Web of Trust? - YouTube

This is a guide to using YubiKey as a SmartCard for storing GPG encryption, signing and authentication keys, which can also be used for SSH.

Validating other keys on your public keyring - GnuPG

In that case, she would not take Chloe's and Dharma's key as valid based on Blake's signatures alone. The web of trust model accounts for this by associating ...

Does the gateway support the web of trust? - CipherMail

The gateway does not trust a PGP key by default. A key which is not trusted is not used for signing or encryption. A key can ...

Anatomy of a GPG Key - Dave Steele's Blog

Subkeys need only be self-signed (which is automatic). Trust from external signatures is provided transitively. (Edit - 19 Apr 2015) gpg ...

How PGP works

You might think of a PGP certificate as a public key with one or more labels tied to it (see Figure 1-9). On these 'labels' you'll find information identifying ...

Key Management

PGP defines a web of trust to certify a key really belongs to a user. A user can claim complete or partial trust in the identity of another user. This is a ...