DSS Standard

Werner Koch wk@gnupg.org
Thu, 24 Aug 2000 16:36:10 +0200

On Thu, 24 Aug 2000, Stefan Nobis wrote:

> But there are two keys, one for encryption and one for signing, or not?
Right. It is better to use different keys for signing and encryption; it has also the advantage that you can retire the encryption key from time to time (Hello RIP) to gain forward secrecy. The usually used encryption key is an ElGamal (aka DH) key which has other properties than DSA. ElGamal can also be used for signing but this is seen as a non so secure way and quite complicated to do right; therefor it is better to use DSA for signing - Phil Zimmermann calls DSA "ElGamal debugged". Werner -- Werner Koch GnuPG key: 621CC013 OpenIT GmbH http://www.OpenIT.de -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org