[Q] Multiple signing keys (was: DSA 1024-bit limit)

Daniel Carrera dcarrera@math.umd.edu
Wed May 14 03:33:02 2003 

--T4sUOijqQbZv57TR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Alright.  I'm trying to figure out how to use a dual (RSA, DSA)=20
signing-key pair.  This is what I currently have:

Command> list
            =20
pub  1024D/0FEBCEC3  created: 2003-05-10 expires: 2006-05-12 trust: u/u
sub  2048g/0D1C25EC  created: 2003-05-10 expires: 2006-05-13
sub  2048R/E3CA8FAE  created: 2003-05-13 expires: 2006-05-12
(1). Daniel Carrera (PhD Student, Math) <dcarrera@math.umd.edu>


1) When I sign, how do I specify a non-default signing key?
2) I don't fully understand the role of the primary key.  In my case, I=20
could have two possible setups:

  - Primary signing RSA, secondary signing DSA, secondary ElGamal.
  - Primary signing DSA, secondary signing RSA, secondary ElGamal.

How are these two different?  Tell me if I got it right:

I understand that the primary key is somehow more important (for one, it's=
=20
supposed to last longer).  So I imagine that having a primary RSA (with=20
more than 1024 bits) is the better option.

Does my primary key serve for the authenticity of my secondary keys?  If=20
so, I imagine that it's better for the primary key to be stronger (ie.=20
RSA).

Did I get this right?

> One option that the previous responder didn't take into account, but
> which David Shaw recommends and which makes sense to me and the
> paranoid, standards-conscious folks with which I consort is:
>=20
> Strong (2048 or above) RSA Primary signing key
>     for collecting signatures and being long-term reliable
>     for signing other keys
> Standard (1024) DSA signing subkey
>     for (legally?) signing documents and emails
>     (signing subkeys are automatically used in favor of primary keys by
>      gnupg for this)
> Strong (2048 or above) ElGamal encryption subkey

Given the fact that I am a paranoid, standards-conscious person:
  I should now revoke my current key-ring because the primary key is DSA.
  I should then start over using a primary RSA with 2048 bits instead.

If this is a good idea, it's best that I do it now that I'm just getting=20
started and my key-ring is pretty empty.

Is this conclusion correct?

If so, is there any further advise for my new key-ring?  This is what I'd=
=20
have in mind:
   - 2048 RSA signing -- primary.
   - 1024 DSA signing.
   - 2048 ElGamal encryption.


Thanks a lot,
--=20
Daniel Carrera         | OpenPGP fingerprint:
Graduate TA, Math Dept | C678 4F28 6418 6A62 F186 98FC 9E04 B9A0 0FEB CEC3
UMD  (301) 405-5137    | http://www.math.umd.edu/~dcarrera/pgp/key.html

--T4sUOijqQbZv57TR
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (SunOS)

iQEVAwUBPsGdKZMuikfjyo+uAQKuowgAhoAyXsLzNTdbW+9d2qDFbM2MFVWU+UFr
iqoQNeMzqDhHmOxpWQ+D8tlsMSOHZJs3XY1W++eR5hpcowhmS5eWRQ8XNkxUBDKL
sS2364fgWSkvZO4bqjD0OBzxRr+ArtN1IdyIlyAuUIh7ETl2QqwKqL7u9qV+cDvD
yJLA9/EUcRmBZLmvx6wm2nAYbUBjpx5RnsS0IqIrmn6LvnAbeRRN7nox3rvgOIVX
UX7iUYx2efXgmgtfy8Wecs+bpBbW1nwP0gkr8Pn3koIn47OhAa+HzJzloFZR7Viq
z49d6EzvWn1P32hVeNv1DbROeevURptuOpbhyxBU2Pqn+myrZ350cQ==
=Erpz
-----END PGP SIGNATURE-----

--T4sUOijqQbZv57TR--