Different signing & encryption keys
Philip Jackson
philip.jackson at nordnet.fr
Wed Aug 13 10:56:25 CEST 2014
On 12/08/14 21:05, Werner Koch wrote:
> On Tue, 12 Aug 2014 19:50, psusi at ubuntu.com said:
>> We used to use different keys for signing and encrypting ( DSA & El
>> Gammel ), but these days just seem to use a single RSA key by default.
>
> That is not the case. GnuPG creates an RSA signing key and an RSA
> encryption subkey by default. These are different keys because the
> common wisdom is to use one key for one purpose.
>
The important here must be 'by default'. Last year, I followed a thread on the
gpg4win forum and created an 8192 key using gpg --batch command. The key
produced was a single RSA8192 key for encrypt, sign, certify, authenticate,
probably because I did not specify any sub-key. (I still have it but have never
used it nor released it to the world).
I don't recall having been prompted by gpg to specify a sub-key so I could say
that gpg produced a single key 'by default'. It was a year ago so I could be
mistaken.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x23543A63.asc
Type: application/pgp-keys
Size: 5190 bytes
Desc: not available
URL: </pipermail/attachments/20140813/72da7d14/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140813/72da7d14/attachment.sig>
More information about the Gnupg-users
mailing list