one key or multiple keys

F. Rodriguez
Mon Jun 23 03:54:02 2003


>Should I use only ONE key for every email address I have
>(with multiple IDs, eg. Marcin Gil <email #1>, Marcin Gil <email #2>)
>or should I use multiple keys -- one for every email address?

"It depends" :) Some examples:

 - Privacy: many keys, each with email addresses (or without any email at all) so there's no easy-to-track relationship between your hobbies/projects/etc. and your job/family/friends
 - Ease of maintenance: remembering passwords, collecting signatures and making sure you don't sign with the wrong key is not easy with more keys
 - Experience: if you are doing tests, by all means generate revocation certs, don't publish to keyservers and/or set an expiration date of 6 months (or less) ;)
 - Business/project: If you have separate keys for business/project roles, a good rule is to sign those keys with your personal key, instead of collecting signatures on all. If Alice trusts you and you trust your business, then someone can decide if they trust your business key(s) based on their knowledge of Alice (or you).
 - Applications: on some occasions you may not want software that supports OpenPGP to use your precious super-secure key... maybe generate a new one and optionally sign it/assign it trust.

There's also the use of subkeys which you may want to read more

If you have other examples, or if you get creative, share back here ;)
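The "Experience" and "Business/project" points above, as an added shell example that is not part of the original post: it builds a throwaway setup with a personal key and a separate project key, gives the project key a 6-month expiry, certifies it with the personal key, and keeps the whole experiment in a temporary GNUPGHOME so nothing touches the real keyring or reaches a keyserver. The names, e-mail addresses and the 6m expiry are constructed sample values; `%no-protection` is used only because these are test keys (a real key would get a passphrase).

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GnuPG 2.1 or newer
# (needed for --quick-sign-key and the automatic revocation certificate).

# Parameter file for `gpg --batch --generate-key` (pure text, no gpg needed).
# $1 = real name, $2 = e-mail, $3 = expiry (e.g. 6m, 1y, 0 = never)
key_params() {
    printf '%s\n' \
        "Key-Type: RSA" \
        "Key-Length: 3072" \
        "Subkey-Type: RSA" \
        "Subkey-Length: 3072" \
        "Name-Real: $1" \
        "Name-Email: $2" \
        "Expire-Date: $3" \
        "%no-protection" \
        "%commit"
}

# One line in gpg's --import-ownertrust format: <fingerprint>:<level>:
# Levels: 3 = never, 4 = marginal, 5 = full, 6 = ultimate.
ownertrust_line() {
    printf '%s:%s:\n' "$1" "$2"
}

# Fingerprint of the first key whose user id matches $1 (machine-readable output).
fingerprint_of() {
    gpg --batch --with-colons --list-keys "$1" 2>/dev/null |
        awk -F: '/^fpr:/ { print $10; exit }'
}

demo() {
    export GNUPGHOME
    GNUPGHOME=$(mktemp -d) || return 1   # isolated keyring for the experiment
    chmod 700 "$GNUPGHOME"

    # 1. Personal key (constructed identity), no expiry in this example.
    key_params "Marcin Gil (test)" "marcin@example.org" "0" | gpg --batch --generate-key
    # 2. Separate project-role key with a short expiry, as suggested for tests.
    key_params "Project Role (test)" "project@example.org" "6m" | gpg --batch --generate-key

    personal=$(fingerprint_of marcin@example.org)
    project=$(fingerprint_of project@example.org)

    # 3. Mark the personal key ultimately trusted, then certify the project key
    #    with it instead of collecting third-party signatures on both.
    ownertrust_line "$personal" 6 | gpg --batch --import-ownertrust
    gpg --batch --yes --default-key "$personal" --quick-sign-key "$project"

    # 4. GnuPG 2.1+ writes a revocation certificate for every new key here;
    #    keep it somewhere safe before the key is ever published.
    ls "$GNUPGHOME/openpgp-revocs.d"

    # The project key now carries the personal key's certification.
    gpg --batch --list-sigs "$project"

    gpgconf --kill gpg-agent 2>/dev/null
    rm -rf "$GNUPGHOME"
}

if command -v gpg >/dev/null 2>&1; then
    demo || echo "live gpg demo did not complete"
else
    echo "gpg not installed; skipping live demo"
fi
```

Run it as `sh keys.sh`; the `--list-sigs` output at the end shows the project key with a `sig` line from the personal key, which is the one-signature trust path the post describes (someone who trusts your personal key can decide about the project key from that alone).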

