one key or multiple keys

F. Rodriguez MagicFab@FabianRodriguez.com
Mon Jun 23 03:54:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>Should I use only ONE key for every email address I have
>(with multiple IDs, eg. Marcin Gil <email #1>, Marcin Gil <email #2>)
>or should I use multiple keys -- one for every email address?

"It depends" :) Some examples:

 - Privacy: many keys, each with email addresses (or without any email
   at all) so there's no easy to track relationship between your
   hobbies/projects/etc. and your job/family/friends
 - Ease of maintenance: remembering passwords, collecting signatures
   and making sure you don't sign with the wrong key is not easy with
   more keys
 - Experience: if you are doing tests, by all means generate revocation
   certs, don't publish to keyservers and/or set an expiration date of
   6 months (or less) ;)
 - Business/project: If you have separate keys for business/project
   roles, a good rule is to sign those keys with your personal key,
   instead of collecting signatures on all. If Alice trusts you and you
   trust your business, then someone can decide if they trust your
   business key(s) based on their knowledge of Alice (or you).
 - Applications: on some occasions you may not want software that
   supports OpenPGP to use your precious super-secure key... maybe
   generate a new one and optionally sign it/assign it trust.

There's also the use of subkeys which you may want to read more about.

If you have other examples, or if you get creative, share back here ;)

Fabián A. Rodríguez S. - www.FabianRodriguez.com
Montreal, QC, Canada

**
This message is protected with OpenPGP digital security features.
OpenPGP Key ID: 0x5AF2A4D5 - Visit WinPT.org and secure your data.

-----BEGIN PGP SIGNATURE-----
Comment: PGP/Mime available upon request

iD8DBQE+9l3DfUcTXFrypNURAt/8AJ9ovBq8mddTuGwlXbtvXhHAgEZTEQCg/P5e
dKsgJu0c8shqFDttyP3KXRs=
=Y36Y
-----END PGP SIGNATURE-----