multiple subkeys and key transition
Ben McGinnes
ben at adversary.org
Thu Dec 9 16:40:34 CET 2010
On 10/12/10 12:41 AM, Hauke Laging wrote:
> Am Donnerstag 09 Dezember 2010 07:14:53 schrieb Ben McGinnes:
>> Hello,
>> I am giving very serious thought to creating new keys and
>> doing a (long-term) transition to them. This is partly to respond to
>> known flaws with SHA-1 and take advantage of SHA-256 and higher.
>
> What is the relation between a key and the hashing algorithms?
The current key is DSA/Elgamal
> In case of doubt choose RSA. It's the only one you can use with the
> g10 smartcard.
That would matter if I had/used smartcards, but I don't so it doesn't.
I prefer to simply have complete physical control over any system
which my secret keys are installed on.
>> 1) I've forgotten how GPG handles the subkeys, does it choose the
>> strongest key or the newest key by default or does it encrypt to all
>> active (non-revoked or non-expired) subkeys?
>
> It chooses the newest subkey.
Excellent. I had a nagging feeling that that was right, thanks for
confirming it.
Regards,
Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101210/de032c0a/attachment.pgp>
More information about the Gnupg-users
mailing list