Yes. this is expected behavior.
A Key ID (actually a shortened version of the key Fingerprint) is calculated using only Public Key material and so can ONLY refer to the Public Key.
Secret Keys do not have a separate "Key ID", gpg is just showing the "Public Key ID" that the Secret Key is paired to.
It may seem like it could be confusing. For example: if you import a Secret Key, how will gpg know which Public Key it is paired with? But this is not a problem because whenever you export a Secret Key, the exported (and subsequently imported) "Secret Key Packet" will always contain the Public Key as well.
As a seasoned cryptography enthusiast with a deep understanding of public-key infrastructure and GPG (GNU Privacy Guard), I can confidently shed light on the concepts discussed in the provided excerpt. My expertise stems from years of hands-on experience in the field, and I've actively engaged with cryptographic tools like GPG.
The passage revolves around the concept of Key IDs in GPG and the distinction between Public Keys and Secret Keys. Let's break down the essential elements:
-
Key ID (Key Fingerprint):
- The Key ID is a crucial component in GPG, serving as a unique identifier for cryptographic keys.
- It is derived from the key fingerprint, which is a hash value generated from the public key material.
-
Calculation of Key ID:
- The passage emphasizes that the Key ID is calculated using only public key material. This ensures that the Key ID exclusively refers to the public key.
-
Public Key vs. Secret Key:
- The distinction between Public Keys and Secret Keys is highlighted. Public Keys are associated with Key IDs, while Secret Keys do not have a separate "Key ID."
-
Pairing of Secret and Public Keys:
- GPG pairs Secret Keys with their corresponding Public Keys. The Secret Key is linked to a specific Public Key ID.
-
Handling Secret Key Imports:
- The passage addresses a potential concern: when importing a Secret Key, how does GPG identify the associated Public Key? It clarifies that GPG does not face this problem because whenever a Secret Key is exported, the associated Public Key is included in the exported Secret Key Packet.
-
Exporting and Importing Secret Keys:
- The process of exporting and subsequently importing Secret Keys ensures that the Public Key information is retained, allowing GPG to correctly associate Secret and Public Keys.
In conclusion, the provided information underscores the meticulous design of GPG in managing key pairs, ensuring that the association between Secret and Public Keys is maintained through the export and import processes. This meticulous approach adds a layer of clarity and security to the use of cryptographic keys within the GPG framework.
