Standards and PGP wrapper

David Pick D.M.Pick at qmw.ac.uk
Wed Nov 11 11:13:53 CET 1998


> >>>>> "dp" == David Pick
> >>>>> "Re: Standards and PGP wrapper "
> >>>>>  Tue, 10 Nov 1998 18:37:41 +0000
> 
>     dp> It's just that I happen to feel that in many ways digital
>     dp> signatures are more important than the basic encryption,
>     dp> certainly if they become accepted (as I expect they will) as
>     dp> legally equivalent to traditional hand-written signatures
>     dp> sometime in the not-so-distant future.
> 
> Is there a problem with using a sign-only key for normal signatures
> and using the signing key of a sign-and-encrypt pair only in
> conjunction with encrypting?

I'm not sure I understand you here. What do you mean by "using the
signing key of a sign-and-encrypt pair only in conjunction with
encrypting"? Surely, when encrypting you'd use the encryption key
of the sign-and-encrypt pair and not touch the signing key. (If
by sign-and-encrypt-pair you mean a sign-only key and an encrypt-
only subkey.)

Certainly it's possible to set up two top-level keys and use one
(probably sign-only) for signing, and the other (just possibly
encrypt-only) for encryption (and decryption!).

But it's a lot less convenient because they look like two different
keys to things like keyservers, import and export operations,
and the like. And that can lead to confusion, especially with
less experienced users of PGP or GnuPG; they might end up with only
one of my keys on their keyring because they don't realise there
are two of them.

And it also probably forces me to tell my mailer that I always want
to select the key to use for any operation because it won't have
the ability to set *two* different keys as the defaults for the
two different types of operation.

-- 
	David Pick






More information about the Gnupg-devel mailing list