trying to understand UID and subkeys
gerry_lowry (alliston ontario canada)
gerry.lowry at abilitybusinesscomputerservices.com
Thu Mar 5 18:14:24 CET 2009
David Shaw wrote, in part:
You can have one subkey for encryption, one subkey for signing, and
leave your primary key for certification.
This lets you do tricks like keeping your primary key offline.
This is useful as the primary key is the most "valuable" key (since it can make more subkeys),
Question # 1: does primary key here mean "primary PUBLIC key"?
Question # 2: without the pass phrase, how can one make more subkeys?
Question # 3: what determines that a key is a "primary" key?
(is it because --gen-key was used instead of --edit-key?)
Question # 4: by offline, do you mean not on a keyserver?
(versus not on your local hard disk?)
More information about the Gnupg-users