multiple subkeys and key transition

Hauke Laging mailinglisten at
Thu Dec 9 14:41:10 CET 2010

Am Donnerstag 09 Dezember 2010 07:14:53 schrieb Ben McGinnes:
> Hello,
> 	I am giving very serious thought to creating new keys and
> doing a (long-term) transition to them.  This is partly to respond to
> known flaws with SHA-1 and take advantage of SHA-256 and higher.

What is the relation between a key and the hashing algorithms?

> At the moment I am planning on using an RSA signing key, but I have
> not made my final decision on the encryption subkeys.  I am leaning
> towards Elgamal, but that's by no means certain.

In case of doubt choose RSA. It's the only one you can use with the g10 

> 1) I've forgotten how GPG handles the subkeys, does it choose the
> strongest key or the newest key by default or does it encrypt to all
> active (non-revoked or non-expired) subkeys?

It chooses the newest subkey.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20101209/cb504bda/attachment.pgp>

More information about the Gnupg-users mailing list