Why is there a subkey and a selfsig in a new key?

David Smith Dave.Smith at st.com
Tue Nov 8 16:29:15 CET 2011

Robert J. Hansen wrote:
> IIRC, it was a response to laws like the United Kingdom's RIPA which
> allows the authorities to demand encryption keys from users.  By
> separating encryption and signing into separate subkeys, and making the
> signing subkey the 'master' one, it allows users to divulge encryption
> subkeys to the authorities when required, then immediately revoke those
> encryption subkeys and resume encrypted communications with others.
> I may be in error.

In my case, it's because I like to change my encryption key on a regular
basis (so that if an encryption key ever were to be cracked, it limits
the damage to a smaller number of files/messages), but don't want the
hassle of having to go around and get everyone to sign my new key every
time I issue a new one.

So, I have a master signing key with a long (or infinite) lifetime, but
an encryption subkey with a short lifetime.  When the encryption subkey
expires, I generate a new encryption subkey which is signed by the
master key, so all my contacts still consider it to be valid without
them having to sign it (at a keysigning party etc.)

More information about the Gnupg-users mailing list