Multiple encryption subkeys

Dennis Lambe Jr.
Tue Apr 29 19:14:02 2003

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

I've read through the archives, but I still have a question or two about
subkeys.  Most of the discussion has been about signing subkeys, or
encrypting subkeys that are used in succession, with one only coming=20
into use after another expires.  I haven't read anything about having=20
multiple active encrypting subkeys and the issues they present.

What I'd like to do is have a public key with multiple ElGamel and RSA
subkeys of different key lengths, 1024, 2048, and 4096, for example.  My
goal is to allow the sender more control over the encryption vs. speed
tradeoff and the encryption algorithm, instead of requiring that she use
the level of security that I deemed appropriate.  My reasoning is that
how secure a message needs to be may be more appropriately determined by
the contents of the message, rather than the identity of the recipient.

1) Is this a worthwhile endeavor, cryptographically speaking?  That is
to say, am I justified in wanting to do this, or is there something I've
overlooked that makes this a bad or useless application of subkeys?

2) Is there a way to specify a default encrypting subkey?  I have read
that GnuPG will encrypt to the most recently self-signed subkey unless
the exclamation-point syntax is used.  Can that be overridden by a flag
in the key?  I haven't read anything to suggest that it could, so this
is just wishful thinking.

3) Apart from the awkward method of deciding a "default" encrypting
subkey, I think I've figured out everything I need to know to use GnuPG
with multiple encrypting subkeys.  How is support in other OpenPGP
programs, though?  Will the commercial PGP be able to work with my key?=20
Does it have an equivilent to the exclamation-point syntax, or will it
always use the default subkey?  How about WinPT, GPA, and Seahorse?  I
know they'll at least work with my key, but do they provide a UI for
encrypting to a specific subkey?

4) A lot of messages I read from 2002 and earlier this year suggest that
many keyservers are still having difficulty with multiple subkeys.  Is
this still the case, or have there been recent positive developments in
that area?  What's the official gnupg-users party line on the use of
keyservers with multiple subkeys?  Is it still "use and pray"?

GnuPG is a great piece of software.  I'm very impressed with how well it
implements the OpenPGP standard.  It's pretty frutstrating, though, when
the rest of the PGP community is lagging so far behind the open source

--Dennis Lambe

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.2.1 (GNU/Linux)
Comment: My public key is available at