Using single subkey for both signing and encryption?
John Clizbe
John at Mozilla-Enigmail.org
Mon Nov 2 00:22:00 CET 2009
gpg.mexon at spamgourmet.com wrote:
> Hi, I just have a basic question about subkeys. When I create an RSA
> subkey I only have the option to create one for signing or encryption,
> not both. Why is that? There's nothing different about the keys
> themselves, is there? Is there supposed to be some increased security
> to doing it this way?
Given that the underlying mathematics is the same for encryption and signing,
only in reverse, if an attacker can convince a key holder to sign an unformatted
encrypted message using the same key then she gets the original.
--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
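
The point made in the reply above, worked through as an added example (not part of the original message or of GnuPG's code): with textbook RSA, an unformatted signature over a ciphertext made to the same key returns the plaintext, while hashing and formatting the input, or signing with a separate key, does not. The primes, the message and all function names are constructed for illustration, and the formatting is a simplified PKCS#1 v1.5-style block.

```python
import hashlib

E = 65537  # common public exponent


def make_key(p, q):
    """Toy RSA key (n, d) from two known Mersenne primes; illustration only."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def raw_private_op(x, n, d):
    """Unformatted RSA: x^d mod n. In textbook RSA this is both 'decrypt' and 'sign'."""
    return pow(x, d, n)


def sign_formatted(data, n, d):
    """Hash the input and embed the digest in a fixed block before the private-key
    operation (simplified: real PKCS#1 v1.5 also carries a DigestInfo prefix)."""
    k = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(data).digest()
    block = b"\x00\x01" + b"\xff" * (k - 3 - len(digest)) + b"\x00" + digest
    return pow(int.from_bytes(block, "big"), d, n)


def demo():
    # One key used for both encryption and signing (constructed values).
    n, d = make_key(2**127 - 1, 2**521 - 1)
    # A separate signing key, which is what split subkeys give the key holder.
    n_sig, d_sig = make_key(2**107 - 1, 2**607 - 1)

    secret = int.from_bytes(b"constructed session key", "big")
    c = pow(secret, E, n)  # textbook encryption to the key holder
    c_bytes = c.to_bytes((n.bit_length() + 7) // 8, "big")

    return {
        # Raw signature with the shared key: the "signature" is the plaintext.
        "shared_key_raw": raw_private_op(c, n, d) == secret,
        # Same key, but the input is hashed and formatted first.
        "shared_key_formatted": sign_formatted(c_bytes, n, d) == secret,
        # Raw signature with a separate signing key.
        "separate_key_raw": raw_private_op(c, n_sig, d_sig) == secret,
    }


if __name__ == "__main__":
    print(demo())
```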