A few newbie questions, am I doing this right?

MFPA expires2012 at rocketmail.com
Sat Dec 15 16:07:48 CET 2012

On Thursday 13 December 2012 at 12:10:35 PM, in
<mid:4265438.anoHMM7euF at inno>, Hauke Laging wrote:

> But as you completely
> control which signatures you make I don't think there
> is any serious argument against signing capability.

Since key compromise is possible however careful you intend to be,
isn't it better for the non-expiring main key to have the minimum
possible capability set?

> OK but you unnecessarily limit your benefit of this
> higher security to certifications.

There is no real limitation here. If a need arose for "higher
security" signing or encryption keys, new subkeys with those
capabilities could be created and circulated, and the secret subkeys
stored offline just like the main key.

> Unfortunately (I don't know the reason for this policy
> difference) the same is true for PIN pads and
> encryption. But for signatures the damage can be
> limited.

Maybe because encryption uses the public key, so no passphrase or PIN
would be required?

>>> • add a UID without email (just your name and a
>>> comment; this will be valid "forever")

Really? In many countries it is traditional for one or both
partner(s) to change their name on marriage. And it is not all that
rare for people to change their name at other times for personal or
professional reasons.

>> if I doubt I'll ever in my
>> life time swap out my private email? (see comment
>> above)

But it could happen. How do you know what email addresses and domain
names will look like in several decades? Or whether somebody may offer
to purchase your domain name for a vast sum of money? Or whether you
may at some point forget to renew the domain, or have it stolen from
you by illicit action on behalf of some corporate or government

> My general advice is to create a dedicated key for
> local signatures because it is quite inconvenient to
> always have to use the real mainkey in a secure
> environment. My strategy is: Use the lsign key for
> making other keys valid quickly (just for yourself) and
> use the safe mainkey for active participation in the
> Web of Trust.

That strikes me as good advice even if your main key is not stored

>>> • If you create two keys then create your work key
>>> with your personal key as designated revoker

Sounds like a sensible precaution if work policy allows.

--
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

If you can't convince them, confuse them.
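The key layout argued for in this thread (a certify-only, non-expiring primary key whose secret part is kept offline, plus expiring signing and encryption subkeys on the working machine) is easy to get subtly wrong when adding subkeys by hand. The script below is an added example, not part of the original message, that audits the machine-readable output of `gpg --with-colons --list-secret-keys` against that layout. The two listings embedded in it are constructed for the example; the key IDs and fingerprints are not real keys. It reads field 12 (this key's own capabilities, lower-case letters) and field 7 (expiry) of the `sec`/`ssb` records, and assumes, per GnuPG's DETAILS documentation, that a `#` in field 15 of a `sec` record marks a stub whose secret material is not on this machine. It does not check the separate lsign key or the designated revoker also discussed above.

```python
"""Audit a GnuPG secret-key listing for the layout discussed in the thread:
certify-only primary key kept offline, expiring s/e subkeys kept locally.

Input: output of `gpg --with-colons --list-secret-keys`.
Added example; the listings below are constructed, not real keys.
"""
from dataclasses import dataclass, field


# Constructed listing that follows the layout: sec has only 'c', field 15 is
# '#' (stub, secret part elsewhere), both subkeys carry an expiry timestamp.
SAMPLE_LISTING = """\
sec:u:4096:1:0123456789ABCDEF:1355500000:::u:::cESC:::#:::23::0:
fpr:::::::::1111222233334444555566667777888899990000:
uid:u::::1355500000::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example User <user at example.org>::::::::::0:
ssb:u:4096:1:FEDCBA9876543210:1355500000:1387036000:::::s:::+:::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:
ssb:u:4096:1:0F1E2D3C4B5A6978:1355500000:1387036000:::::e:::+:::23:
fpr:::::::::0000111122223333444455556666777788889999:
"""

# Constructed listing that violates it: primary can sign and is present
# locally, the only subkey never expires, and there is no signing subkey.
BAD_LISTING = """\
sec:u:4096:1:1122334455667788:1355500000:::u:::scESC:::+:::23::0:
fpr:::::::::9999888877776666555544443333222211110000:
uid:u::::1355500000::0123456789ABCDEF0123456789ABCDEF01234567::Example User <user at example.org>::::::::::0:
ssb:u:4096:1:8877665544332211:1355500000::::::e:::+:::23:
fpr:::::::::DDDDCCCCBBBBAAAA9999888877776666555544443333:
"""


@dataclass
class Key:
    kind: str        # 'sec' (primary) or 'ssb' (subkey)
    keyid: str       # field 5
    caps: set        # this key's own capabilities (lower-case letters of field 12)
    expires: str     # field 7, unix timestamp as text; '' means never
    stub: bool       # field 15 == '#': secret material not on this machine (assumed meaning)
    fpr: str = ''    # filled from the following 'fpr' record
    subkeys: list = field(default_factory=list)


def parse_listing(text):
    """Parse --with-colons records into a list of primary keys with subkeys."""
    primaries, last = [], None
    for line in text.splitlines():
        cols = line.split(':')
        rec = cols[0]
        if rec in ('sec', 'ssb'):
            caps = {c for c in cols[11] if c.islower()}
            key = Key(rec, cols[4], caps, cols[6], cols[14] == '#')
            if rec == 'sec':
                primaries.append(key)
            elif primaries:
                primaries[-1].subkeys.append(key)
            else:
                raise ValueError('ssb record before any sec record')
            last = key
        elif rec == 'fpr' and last is not None:
            last.fpr = cols[9]   # fingerprint lives in field 10
    return primaries


def check_policy(primary):
    """Return a list of human-readable policy violations for one primary key."""
    problems = []
    if primary.caps != {'c'}:
        problems.append(f"primary {primary.keyid} has capabilities "
                        f"{sorted(primary.caps)}, want certify only")
    if not primary.stub:
        problems.append(f"primary {primary.keyid} secret key is present on "
                        f"this machine, expected an offline stub")
    if not primary.subkeys:
        problems.append('no subkeys: nothing can sign or encrypt without the primary')
    for sub in primary.subkeys:
        if not sub.expires:
            problems.append(f'subkey {sub.keyid} never expires')
        if not sub.caps <= {'s', 'e', 'a'}:
            problems.append(f'subkey {sub.keyid} has capabilities '
                            f'{sorted(sub.caps)} beyond s/e/a')
    have = set().union(*(s.caps for s in primary.subkeys))
    for need in ('s', 'e'):
        if need not in have:
            problems.append(f"no subkey with capability '{need}'")
    return problems


def audit(listing):
    """Map each primary key ID in the listing to its list of violations."""
    return {k.keyid: check_policy(k) for k in parse_listing(listing)}


if __name__ == '__main__':
    for name, text in (('good', SAMPLE_LISTING), ('bad', BAD_LISTING)):
        for keyid, problems in audit(text).items():
            print(f"{name} {keyid}: {'OK' if not problems else 'FAIL'}")
            for p in problems:
                print('  -', p)
```

Run it against a real machine with `gpg --with-colons --list-secret-keys | python3 audit.py` after replacing the constructed listings with `sys.stdin.read()`; a primary key that reports anything other than `c` in field 12, or lacks the `#` stub marker, is one whose compromise on that machine would cost more than a subkey rotation.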

