what is the use of signing keys?

Owen Blacker owen@flirble.org
Tue Oct 16 01:31:01 2001 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ingo Kl=F6cker wrote (2001-10-15 T 23:15 +0200):

>

> > > Why didn't you simply remove the encryption sub key after key

> > > creation?

> >

> > Makes a point.  Seeing it revoked at N seconds after creation is more

> > provable than it not being there, I'd guess.

>

> Only for stupid people because you could have easily added another

> encryption subkey and then removed this subkey when the police broke

> into your house. ;-)


You're right.  I'm stupid, the logic of this escaped me when I generated
my new keys this year.  Istr that last years was deleted before being
sent to the keyservers, rather than revoked.  If it's any excuse, I had
a head full of cold around the beginning of September  :/


> > > And why didn't you simply generate a DSA (sign only) key in the

> > > first place instead of a DSA/ElGamal key?

> >

> > Because the key was generated in PGP under Windows 2000 (which

> > doesn't, to my knowledge, provide such an option), as I find that key

> > generation is rather slow under the specific configuration of GnuPG

> > under FreeBSD 4.4-PRERELEASE to which I have access.

> >

> > I seem to recall that Werner has mentioned that the speed of GnuPG is

> > something on which he is working...

>

> He improved the speed of trust checking. AFAIK the key generation is

> still the same. If it's slow then I guess /dev/random is the culprit.

> Maybe this is slow on FreeBSD.


Signing is the slowest thing I've noticed, particularly on long messages
(so, presumably, it's the hashing algorithm that's the problem)  It is a
relatively overworked box I use, though...


O x
- --=20
Owen Blacker | Senior Software Developer and InfoSecurity Consultant
See http://www.owens-place.org.uk/pgp.html -- more about my PGP keys
Sig  0x3e2056b9 | 18cd 92aa 32aa 81b9 f5e8  c520 6475 6239 3e20 56b9
- --
They that can give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety --Benjamin Franklin, 1759
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7y3FDZHViOT4gVrkRAqKgAKCHuDzKNqYcFV1DpN7IpFDnQ7egegCgz7zl
TY/gDXrAEY4WVW6mkiuLFcE=3D
=3DzRLs
-----END PGP SIGNATURE-----