Help understanding gpg keys
 

From the Dshield list I downloaded a gpg key.

The name of this person is ' Johnnes Ullrich <jullrich@sans.org> '

I saved his keys as ' PGPKEYS '

I just opened the 'gedit' program and saved it.

The name of file or rather this key is ' PGPKEYS '.

Afterwards, I use the import command to attach the key onto my keyring.

It worked fine.

However, it gave me a lot of keys. I think 15 keys. What do they mean? I expect a single key. If you download my key it is a single key.

Please read the following:

---------------------------------------------------------------------------------------------------------------

[root@c83-250-100-230 Download]# gpg --import PGPKEYS
(I use the above command to import it.)


[root@c83-250-100-230 Download]# gpg --import PGPKEYS
gpg: key 88A6F436: public key "Johannes B. Ullrich <jullrich@euclidian.com>" imported
gpg: key E5593112: public key "DShield Submissions (use for DShield.org reports submissions only) <reports@dshield.org>" imported
gpg: key 713B165D: public key "Internet Storm Center (http://isc.incidents.org) <isc@sans.org>" imported
gpg: key 6CD2A449: public key "DShield Submissions (use to send encrypted submissions to dshield.org) <reports@dshield.org>" imported
gpg: key 826F07FC: public key "Johannes B. Ullrich (2003 key) <jullrich@sans.org>" imported
gpg: key A32BC885: public key "DShield.org (Block List) <blocklist@dshield.org>" imported
gpg: key 858E383B: public key "DShield.org (Block List) <blocklist@dshield.org>" imported
gpg: key 9B0E6F13: public key "SANS Internet Storm Center <isc@sans.org>" imported
gpg: key 89B34BF0: public key "Johannes B. Ullrich (2004 key) <jullrich@sans.org>" imported
gpg: key B58B4C82: public key "DShield Blocklist (Used to Sign DShield Blocklist) <blocklist@dshield.org>" imported
gpg: key F212DFFB: public key "Johannes B. Ullrich (2005 Key) <jullrich@sans.org>" imported
gpg: key 68888ADA: public key "Johannes B. Ullrich (2005 Key) <jullrich@sans.org>" imported
gpg: key 1EE676E0: public key "DShield Blocklist (Used to Sign DShield Blocklist) <blocklist@dshield.org>" imported
gpg: key 9C0EC441: public key "SANS Internet Storm Center <isc@sans.org>" imported
gpg: key 3FA67050: public key "DShield Reports (Use to encrypt DShield reports) <reports@dshield.org>" imported
gpg: Total number processed: 15
gpg: imported: 15
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2056-08-02
[root@c83-250-100-230 Download]#

-------------------------------------------------------------------------------------------------------------------

Why has this person a lot of keys? I am surprised

You could get or read his key from the following:

Johannes Ullrich
<jullrich@sans.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael: I may be able to hel
Sep 22
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Michael:

I may be able to help you with things like this. contact me off list.
- Show quoted text -



Michael Schoen wrote:
> Hi,
>
> I´d like to generate further reports based on the dshield information and
> would like access more data.
>
> I am e.g. thinking about spliting ports reports based on SourcePort and
> Destination Port, combine it with the Subnet-Activity and also enricht with
> some Country data.
>
> Who can actually help me to access those data?
>
> Greetings from Germany
> Michael
>
>
> ---------------------------------
> Yesterday is history,
> Tomorrow is a mystery
> but Today is a gift.
> That's why they call it present..
> ---------------------------------
>
>
> _________________________________________
>
> SANS Network Security 2006 - Las Vegas NV October 1st-9th.
> Wide selection of 1-6 Day Courses. Top Instructors!
>
> Details: isc.sans.org/clickcount.php?ad=1
> (use Brochurcode "ISC")
>
> "Best IT Security return on Investment" (Mario Chiock, Schlumberger)
> _______________________________________________
>


- --

- -------------------
Johannes B. Ullrich, Ph.D PGP Key: https://secure.dshield.org/PGPKEYS
Chief Research Officer
__________________________________________________
SANS Institute / "We use [isc.sans.org] every day to keep on top of
http://isc.sans.org / of security at our bank" Matt, Network
Administrator
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFFEfYPNuXYcm/v/0RAs9fAJ45xXUDkADKmMupUW5PjQUakWVCUgCfdxDa
araVozcbIgV/8jF+GLtJyE8=
=xV0x
-----END PGP SIGNATURE-----
- Show quoted text -
_________________________________________

SANS Network Security 2006 - Las Vegas NV October 1st-9th.
Wide selection of 1-6 Day Courses. Top Instructors!

Details: isc.sans.org/clickcount.php?ad=1
(use Brochurcode "ISC")

"Best IT Security return on Investment" (Mario Chiock, Schlumberger)
_______________________________________________
You could look at his key from the following:



Johannes Ullrich
<jullrich@sans.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael: I may be able to hel
Sep 22

It means that he had more than one key signature that he is using in the file PGPKEYS and when you imported it imported all of them into the keyring.
Apparently he has need of more than one key for each of the things he uses them for, it is definitely different than what you usually see where one key has multiple email address associated with it for the various things the key owner uses it for.

Thanks Happy Tux for the reply.

I have a gmail account. Would it be fine to create another pair of keys for using their email address?

I guess the command 'gpg --gen-key' will create keys for me.

You can create as many keys as you want too and that is the command to do it with or if you wanted you can add another email address to your already existing key with gpg --edit-key 6D090EE9 then use adduid type in your name then new email to add.