multiple subkeys and key transition

Sven Klomp mail at
Thu Dec 9 14:38:48 CET 2010

On Thursday 09 December 2010 07:14:53 Ben McGinnes wrote:
> Hello,
> 	I am giving very serious thought to creating new keys and
> doing a (long-term) transition to them.  This is partly to respond to
> known flaws with SHA-1 and take advantage of SHA-256 and higher.
> There is currently a push to move away from SHA-1 usage by the end of
> 2010, although it will almost certainly take longer than that.  There
> is a discussion of some of the issues involved here.
Hi Ben,

I had a similar situation: I started to use a CryptoStick, which can only handel RSA keys. After some discussions [1], I revoked the ElGamal and have now only one encryption key in my keyring.



> At the moment I am planning on using an RSA signing key, but I have
> not made my final decision on the encryption subkeys.  I am leaning
> towards Elgamal, but that's by no means certain.
> The other option, of course, is to create a key with both RSA and
> Elgamal encryption subkeys, which does lead to questions:
> 1) I've forgotten how GPG handles the subkeys, does it choose the
> strongest key or the newest key by default or does it encrypt to all
> active (non-revoked or non-expired) subkeys?
> 2) How does PGP (of any version) handle multiple subkeys?
> 3) Does anyone know of any problems or issues with any version of PGP
> or GPG when handling keys with multiple subkeys?
> 4) Which encryption algorithm do people prefer of RSA and Elgamal, if
> either, and why?  I'm doing my own research here, of course, but it
> doesn't hurt to ask (yes, I'm already aware of Sam Simpson's
> informative FAQ and am re-reading it).
> The opinions of the list on any or all of these questions would be
> greatly appreciated.
> Regards,
> Ben
> P.S. Apologies to readers of PGPNET and/or PGPMIMENET, who have
> already seen this message.  ;)

More information about the Gnupg-users mailing list