what is the use of signing keys?
Owen Blacker
owen@flirble.org
Mon Oct 15 17:16:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ingo Kl=F6cker wrote (2001-10-14 T 20:03 +0200):
>
> > > > So I have a signing key, with no encryption component, so I know
> > > > that it can't be seized under any circumstances.
> > >
> > > Is there anything technical preventing the signature key from being
> > > used for encryption other than stuff like option flags?
> >
> > The key has no encryption subkey, it was revoked immediately on
> > creation.
>
> Why didn't you simply remove the encryption sub key after key
> creation?
Makes a point. Seeing it revoked at N seconds after creation is more
provable than it not being there, I'd guess.
> And why didn't you simply generate a DSA (sign only) key in the
> first place instead of a DSA/ElGamal key?
Because the key was generated in PGP under Windows 2000 (which doesn't,
to my knowledge, provide such an option), as I find that key generation
is rather slow under the specific configuration of GnuPG under FreeBSD
4.4-PRERELEASE to which I have access.
I seem to recall that Werner has mentioned that the speed of GnuPG is
something on which he is working...
> Please excuse my curiosity.
Of course. As long as you'll excuse mine, when the situation is
reversed... :o)
All the best,
O x
- --=20
Owen Blacker | Senior Software Developer and InfoSecurity Consultant
See http://www.owens-place.org.uk/pgp.html -- more about my PGP keys
Sig 0x3e2056b9 | 18cd 92aa 32aa 81b9 f5e8 c520 6475 6239 3e20 56b9
- --
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety --Benjamin Franklin, 1759
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE7yv1XZHViOT4gVrkRAisKAJ9ZAFeBSD+BYV9MNxYG7UQrDZGwVgCdGzDR
cZXsZtUk96drVqXkdK6DZPU=3D
=3DL9Vy
-----END PGP SIGNATURE-----