newbie question about identities

Atom 'Smasher'
Fri Oct 3 11:19:02 CEST 2003

i'm only a few years behind with gpg/pgp, but trying to get up to

i like the idea of identities, but i'm not sure if i'm either missing
something, or if that part of the system (or documentation) is flawed....

let's say i have 2 identities....

obviously, each of these identities should be kept *FAR* apart.

according to the documentation [that i've found], all you have to do is
use the gpg "edit-key" and "adduid" to add an ID to your key-pair, and
then you can use one key-pair for multiple IDs.

i see 2 problems with this:
1) the key-id is the same for both roles
2) when exporting the public key, both identities are part of it

both of these factors make it too easy for one's "other" identity to be
revealed... this could be bad (very bad, since keys are like viruses,
and can't be removed from circulation).

so the question is, am i missing something? or is this a fact of life if a
single key-pair is used for multiple IDs? if one wants to use multiple
IDs (and keep each ID isolated from all other IDs), is it necessary that
each ID has it's own key-pair?


----------------Void-If-Detached----------------  Yamaha FS1R

	Quidquid latine dictum sit, altum viditur.
	(Whatever is said in Latin sounds profound.)

More information about the Gnupg-users mailing list