GPG and 1024-bit (or multiple) subkeys

Robert J. Hansen rjh at
Tue Aug 15 08:29:15 CEST 2006

Charles Franklin Bernard wrote:
> A new customer is requesting we generate a new key for them that has 
> a 2048 sub key, claiming GPG requires this by default.

GnuPG defaults to 2048 bits for new RSA and El Gamal keys.  (It may
default to 2048 for DSA now, as well; if so, this is a new addition in
the last few weeks.)

However, there's nothing in GnuPG that prohibits the use of shorter keys.

> So I added another subkey, 2048-bit, but the customer says GPG is
> looking for a 2048 subkey *by itself*.  Does that make sense?

Not especially.  Subkeys don't exist in isolation.  They only exist as
part of a larger key.

Your customer's request doesn't appear to be particularly well-phrased.
 That's going to limit any help anyone on the list can provide.

More information about the Gnupg-users mailing list