[Q] Multiple signing keys (was: DSA 1024-bit limit)

Daniel Carrera dcarrera@math.umd.edu
Wed May 14 03:33:02 2003


Alright.  I'm trying to figure out how to use a dual (RSA, DSA)
signing-key pair.  This is what I currently have:

Command> list
pub  1024D/0FEBCEC3  created: 2003-05-10 expires: 2006-05-12 trust: u/u
sub  2048g/0D1C25EC  created: 2003-05-10 expires: 2006-05-13
sub  2048R/E3CA8FAE  created: 2003-05-13 expires: 2006-05-12
(1). Daniel Carrera (PhD Student, Math) <dcarrera@math.umd.edu>

1) When I sign, how do I specify a non-default signing key?
2) I don't fully understand the role of the primary key.  In my case, I
could have two possible setups:

  - Primary signing RSA, secondary signing DSA, secondary ElGamal.
  - Primary signing DSA, secondary signing RSA, secondary ElGamal.

How are these two different?  Tell me if I got it right:

I understand that the primary key is somehow more important (for one, it's
supposed to last longer).  So I imagine that having a primary RSA (with
more than 1024 bits) is the better option.

Does my primary key serve for the authenticity of my secondary keys?  If
so, I imagine that it's better for the primary key to be stronger (i.e.

Did I get this right?

> One option that the previous responder didn't take into account, but
> which David Shaw recommends and which makes sense to me and the
> paranoid, standards-conscious folks with which I consort is:
> Strong (2048 or above) RSA Primary signing key
>     for collecting signatures and being long-term reliable
>     for signing other keys
> Standard (1024) DSA signing subkey
>     for (legally?) signing documents and emails
>     (signing subkeys are automatically used in favor of primary keys by
>      gnupg for this)
> Strong (2048 or above) ElGamal encryption subkey

Given the fact that I am a paranoid, standards-conscious person:
  I should now revoke my current key-ring because the primary key is DSA.
  I should then start over using a primary RSA with 2048 bits instead.

If this is a good idea, it's best that I do it now that I'm just getting
started and my key-ring is pretty empty.

Is this conclusion correct?

If so, is there any further advice for my new key-ring?  This is what I'd
have in mind:
   - 2048 RSA signing -- primary.
   - 1024 DSA signing.
   - 2048 ElGamal encryption.

Thanks a lot,
Daniel Carrera         | OpenPGP fingerprint:
Graduate TA, Math Dept | C678 4F28 6418 6A62 F186 98FC 9E04 B9A0 0FEB CEC3
UMD  (301) 405-5137    | http://www.math.umd.edu/~dcarrera/pgp/key.html
