multiple subkeys and key transition

Sven Klomp mail at klomp.eu
Thu Dec 9 14:38:48 CET 2010


On Thursday 09 December 2010 07:14:53 Ben McGinnes wrote:
> Hello,
> 	I am giving very serious thought to creating new keys and
> doing a (long-term) transition to them.  This is partly to respond to
> known flaws with SHA-1 and take advantage of SHA-256 and higher.
> 
> There is currently a push to move away from SHA-1 usage by the end of
> 2010, although it will almost certainly take longer than that.  There
> is a discussion of some of the issues involved here.
> 
> http://www.debian-administration.org/users/dkg/weblog/48
> 
Hi Ben,

I had a similar situation: I started to use a CryptoStick, which can only handle RSA keys. After some discussions [1], I revoked the ElGamal and have now only one encryption key in my keyring.

Sven

[1] http://lists.gnupg.org/pipermail/gnupg-users/2010-November/039828.html

> At the moment I am planning on using an RSA signing key, but I have
> not made my final decision on the encryption subkeys.  I am leaning
> towards Elgamal, but that's by no means certain.
> 
> The other option, of course, is to create a key with both RSA and
> Elgamal encryption subkeys, which does lead to questions:
> 
> 1) I've forgotten how GPG handles the subkeys, does it choose the
> strongest key or the newest key by default or does it encrypt to all
> active (non-revoked or non-expired) subkeys?
> 
> 2) How does PGP (of any version) handle multiple subkeys?
> 
> 3) Does anyone know of any problems or issues with any version of PGP
> or GPG when handling keys with multiple subkeys?
> 
> 4) Which encryption algorithm do people prefer of RSA and Elgamal, if
> either, and why?  I'm doing my own research here, of course, but it
> doesn't hurt to ask (yes, I'm already aware of Sam Simpson's
> informative FAQ and am re-reading it).
> 
> The opinions of the list on any or all of these questions would be
> greatly appreciated.
> 
> 
> Regards,
> Ben
> 
> P.S. Apologies to readers of PGPNET and/or PGPMIMENET, who have
> already seen this message.  ;)
> 
> 


