Why 2.1 is delayed for so long
Werner Koch
wk at gnupg.org
Tue Sep 23 14:58:09 CEST 2014
On Tue, 23 Sep 2014 12:14, infinity0 at pwned.gg said:
> "Two subkeys are the exception" because it's not the default and
> people don't know better. If it were made the default, it would become
> the norm. What is the disadvantage to having two subkeys?
Let's first ask ourselves what is the advantage of it? I know only one
use case for a signing subkey which is to use the primary key only on an
offline machine.
> user] to do [X]". However, if you keep making arguments like this, the
> overall effect is that a typical user has to tweak a lot of things to
> get a maximal level of security, which is not good usability-wise.
The typical user shall use the defaults. If you don't like the
defaults, please distribute your own modified version of the software.
> Another suggestion is, a revocation certificate should be
> automatically generated when a key is generated, with clear
> instructions on the user what to do with it.
Didn't you noticed the ~/.gnupg/openpgp-revocs.d ?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list