Encryption keys in the OpenPGP spec
Robert J. Hansen
rjh at sixdemonbag.org
Mon Jul 27 05:20:49 CEST 2009

> So, my first question is why is there a distinction between the two
> types of encryption?

It is conceivable there may exist some highly niche areas which need
the ability to definitively say, "this encryption key may only be used
for this purpose, and that encryption key may only be used for that
purpose." The spec allows these users to make those sorts of
statements.

> Which suggests, quite strongly, that the distinction is irrelevant.
> Why does GnuPG ignore the different encryption key types?

It doesn't suggest the distinction is irrelevant -- only that GnuPG
doesn't enforce a distinction. The spec requires some behavior, and
other behavior is left up to implementors to decide whether, and how,
to implement it.

For users who need the sorts of guarantees mentioned in my first para,
they need to use a different product than GnuPG. That's not a bad
thing: different software packages are aimed at different groups of
users.