On Thu 2017-06-01 10:33:23 +0100, Andrew Gallagher wrote: > When multiple A-usage (sub)keys are found on a user's key, all valid > ones are by default emitted when exporting ssh public key blocks. It > would be nice if there was some identifier (e.g. long ID) in the > comments of these ssh pubkeys to identify which A key they correspond > to - this would be helpful in situations where only some of the A > privkeys are available (e.g. a smartcard).
This sounds like a reasonable request, though i personally don't like key IDs in general [0]. What would you think about the full fingerprint of the subkey? is that too long? at least it would be unspoofable. If we're going for something that can be spoofed/confused, what about the date of the subkey or something else that's more human-readable? --dkg [0] https://debian-administration.org/users/dkg/weblog/105
signature.asc
Description: PGP signature
