How secure is GnuPG

David Shaw
Wed Jul 24 02:34:01 2002

On Tue, Jul 23, 2002 at 10:39:19PM +0200, Waldemar Brodkorb wrote:

> Recently I've discussed about this on a german mailinglist and I
> think someone could use RSA keys only for signing with GnuPG. Right?
> PGP 7.x seems to do both. 

No.  GnuPG can use RSA for either signing or encrypting.

> RFC2440 says:
> In a key that has a main key and subkeys, the primary key MUST be a
> key capable of signing. The subkeys may be keys of any other
> type. There may be other constructions of V4 keys, too. For example,
> there may be a single-key RSA key in V4 format, a DSA primary key with
> an RSA encryption key, or RSA primary key with an Elgamal subkey,
> etc.
> Are there any plans to integrate this feature?

No plans, because it's already in there. :)


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson