Keytypes and changing them
Christoph Anton Mitterer
cam at mathematica.scientia.net
Tue Nov 8 12:27:13 CET 2005
Hi folks!
Ok,.. I know that you can set at least the following flags to specify
the purpose of a key:
A - authorsation
C - certification
E - encryption
S - signation
Ok,.. as far as I understood, if a key is C-only that this indicates
that it is used solely for signing other keys, but not for signing
normal data, correct?
Ok,.. I thought about that and came to the result - correct me if I'm
wrong - that it would be more secure to use the primary key only for
certificating other keys (and of course for self-sigs).
Ok my current key looks like the following:
primary: CS, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
So I think it would be better to have the following:
primary: C, RSA-S, 4096 bit
secondary: S, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
Ok...
1) Is it advisable at all?
2) Can I change this with GPG (without having to create a new key, of
course)?
3) If not: Is this function going to be intruduced in GPG the next time?
4) If not: How could I do that else?
5) Would it change my primary key in such a way, that it renders the
signatures that I've already received from other users invalid?
Best wishes,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051108/206b6edd/cam.vcf
More information about the Gnupg-users
mailing list