Long Key Performance

Werner Koch wk at gnupg.org
Mon Apr 22 10:31:01 CEST 2002


On Sat, 20 Apr 2002 15:25:48 -0400, Gordon Worley said:

> key that will probably keep for 5-10+ years.  Then I have subkeys for
> encryption and signing.  If these ever get too weak, I can always

Short usage periods of subkeys and key roll over is actually a Good
Thing to limit the damage in case of key compromise or RIPing.  The
problem is that most keyservers are not able to cope with multiple
subkeys and that you need to have backup copies of the old secret keys
to be able to decrypt old mails.

Hmmm, PGP can't cope with signing subkeys :-(







More information about the Gnupg-devel mailing list