generating a v4 rsa sign and encrypt keypair // no subkey generated ?

David Shaw dshaw at jabberwocky.com
Wed Oct 20 16:40:15 CEST 2004


On Wed, Oct 20, 2004 at 06:38:21AM -0700, vedaal at hush.com wrote:
> in 1.3.x, (in expert mode),
> when generating an rsa v4 key, and choosing the selection:
> 'sign and encrypt' ,
> 
> gnupg creates an rsa v4 keypair that is sign and encrypt,
> but does not have any subkeys
> (similar to v3 keys)
> 
> i happen to like it, only in that it avoids confusion for some people
> trying to reply to a key id in a signed message, and finding that the
> key encrypted to is a different keyid,
> 
> was this the intention behind this key type,
> or is there another reason that this is useful?

There is no particular intent behind sign+encrypt keys.  The standard
allows for them (but does not recommend them), and so GnuPG allows
them as well (and just as much does not recommend them - note that
they are hidden behind --expert).

David



More information about the Gnupg-users mailing list