multiple subkeys and key transition

Ben McGinnes ben at
Thu Dec 9 07:14:53 CET 2010

	I am giving very serious thought to creating new keys and
doing a (long-term) transition to them.  This is partly to respond to
known flaws with SHA-1 and take advantage of SHA-256 and higher.

There is currently a push to move away from SHA-1 usage by the end of
2010, although it will almost certainly take longer than that.  There
is a discussion of some of the issues involved here.

At the moment I am planning on using an RSA signing key, but I have
not made my final decision on the encryption subkeys.  I am leaning
towards Elgamal, but that's by no means certain.

The other option, of course, is to create a key with both RSA and
Elgamal encryption subkeys, which does lead to questions:

1) I've forgotten how GPG handles the subkeys, does it choose the
strongest key or the newest key by default or does it encrypt to all
active (non-revoked or non-expired) subkeys?

2) How does PGP (of any version) handle multiple subkeys?

3) Does anyone know of any problems or issues with any version of PGP
or GPG when handling keys with multiple subkeys?

4) Which encryption algorithm do people prefer of RSA and Elgamal, if
either, and why?  I'm doing my own research here, of course, but it
doesn't hurt to ask (yes, I'm already aware of Sam Simpson's
informative FAQ and am re-reading it).

The opinions of the list on any or all of these questions would be
greatly appreciated.


P.S. Apologies to readers of PGPNET and/or PGPMIMENET, who have
already seen this message.  ;)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101209/6aca5718/attachment.pgp>

More information about the Gnupg-users mailing list