Encryption keys in the OpenPGP spec

Robert J. Hansen rjh at sixdemonbag.org
Mon Jul 27 05:20:49 CEST 2009

> So, my first question is why is there a distinction between the two
> types of encryption?

It is conceivable there may exist some highly niche areas which need  
the ability to definitively say, "this encryption key may only be used  
for this purpose, and that encryption key may only be used for that  
purpose."  The spec allows these users to make those sorts of  

> Which suggests, quite strongly, that the distinction is irrelevant.   
> Why
> GnuPG ignore the different encryption key types?

It doesn't suggest the distinction is irrelevant -- only that GnuPG  
doesn't enforce a distinction.  The spec requires some behavior, and  
other behavior is left up to implementors to decide whether, and how,  
to implement it.

For users who need the sorts of guarantees mentioned in my first para,  
they need to use a different product than GnuPG.  That's not a bad  
thing: different software packages are aimed at different groups of  

More information about the Gnupg-users mailing list