Key practice

David Alexander Russell david.russell.scotland at
Sat Nov 14 20:58:26 CET 2009

I've just bought a netbook with Ubuntu preinstalled, and since
integrating with GnuPG is much easier than it is on Windows I thought it
would be a good idea to start using it properly. However I don't know
what the 'best practice' is with regards to keypairs and so on. I've
read in a couple of places that it's a good idea to have a non-expiring
'master key', which is only used to sign (time-expiring) subkeys that
one then actually uses for signing and encrypting purposes. The problem
is that I'm not particularly hot on cryptography, so it has all combined
to pass far over my head!

Could some kind soul please explain, in layman's terms, what I should
generate and how I should use it? I'm on Ubuntu 8.04 so it's GnuPG 1.4.6
(not the newer version which defaults to RSA - I've read enough FAQs to
establish that DSA is a Bad Thing) if that matters.


David Russell

More information about the Gnupg-users mailing list