Best practices for multiple e-mail addresses
atom-gpg at suspicious.org
Fri Oct 10 12:33:34 CEST 2003
> I have three distinct e-mail addresses: work, home, and another
> business. What's the best practice for keeping a key for each address?
> One key with multiple addresses in it (i.e. a key for me as a person)? A
> separate key for each address (i.e. a key for each of work/home/business
> as a unit)?
> How do others do it?
i'm kinda new to the list myself, but since i've been so vocal about this
type of thing i'll take a shot at answering you...
if you add multiple IDs to a key pair, then each ID "points" to each other
ID. this shouldn't be a problem as long as you don't mind that anyone who
knows you from work also know you from your other business.
on the other hand, if your employer doesn't want you to have you
conducting other business on the side (or the type of side-business is not
acceptable to the primary employer), then those two IDs should each have
their own key pair. of course there are other methods of discovering that
two email addresses belong to the same person, but those are (mostly)
beyond the scope of pgp/gpg.
basically, adding IDs to a key is a convenience, while creating new keys
for each ID helps to keep those IDs unrelated to each other.
this is one of the practical aspects of pgp/gpg where the right choice
depends more on social issues than technical issues.
PGP key - http://smasher.suspicious.org/pgp.txt
3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
To become vegetarian is to step into the stream
which leads to nirvana.
More information about the Gnupg-users