atom at smasher.org
Thu Feb 3 17:24:39 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 3 Feb 2005, David wrote:
> I'm using gpg 1.2.1 on RH9.
gpg 1.4 is better. no comment on RH9.
> I consider generating RSA key as described:
> master 2048 RSA key sign only, used for signing sub-keys, doesn't expire
> |- 2048 RSA sign sub-key, for signing docs, expires
> |- 4096 RSA encryption sub-key, expires
> 1. I plan to generate a new sub-key shortly before the previous one
> expires. Will my recipients consider the new sub-key as valid since
> it is signed by the master key?
why not update the expiration date on the subkeys, and keep them? if
they're not compromised there's no reason to throw them away.
> 2. Are there any compatibility issues I should consider?
RSA support is optional in rfc2440. i've been using an RSA only key for a
while with no problems, mostly with other gpg users.
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"The shepherd drives the wolf from the sheep's for which
the sheep thanks the shepherd as his liberator, while the
wolf denounces him for the same act as the destroyer of
liberty. Plainly, the sheep and the wolf are not agreed
upon a definition of liberty."
-- Abraham Lincoln
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-users