GPG Keychain: feature request: option to export secret subkeys only

Nichol Brummer's Avatar

Nichol Brummer

16 Jan, 2017 07:07 AM

reading the best practices at riseup.net
https://riseup.net/en/security/message-security/openpgp/best-practices they give the advice that you can encrypt and sign using subkeys, so the main key is only necessary for certification of other keys. Then it makes sense to not export this main secret key e.g. to your android phone, as it may be at somewhat more danger of getting compromised than on your computer.

My request: when exporting secret keys, provide an option to export only the secret subkeys and not the main key.

Expected
It is not an impossible problem, but it would be a nice added option. Now it can be done with some hand- and footwork using gpg in the command line.

macOS           10.11.6     15G1212
GPG Suite       2016.10     28n     (172662f)
GPGMail         2.6.2       1172n   (f871731)
GPG Keychain    1.3.3b1     1250n   (cda0ef2)
GPGServices     1.11        918n    (872e77d)
MacGPG2         2.0.30      882n    (660b005)
GPGPreferences  2.0.2b1     910n    (e60baea)
Libmacgpg       0.7         776n    (82405d8)
pinentry        0.9.7       17n     (b75069d)
  1. Support Staff 1 Posted by Luke Le on 22 Feb, 2017 04:36 PM

    Luke Le's Avatar

    Hi Nichol,

    thank you for your proposal.
    We've created a ticket for it and this discussion will be automatically updated once we make progress on this issue.

  2. Steve closed this discussion on 04 May, 2017 02:46 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac