Mainkey with many subkeys??
kristian.fiskerstrand at sumptuouscapital.com
Mon Dec 8 12:43:41 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 12/08/2014 10:12 AM, gnupgpacker wrote:
> Kristian, I am a little bit confused about your key design ;)
> Main key has options SC. There is an active newer signing key S, so
> this will be always used for signing?
> And there are two active encryption keys E: GPG uses in my opinion
> only the key generated latest, isn't it?
Normally yes, the reason there is currently two active is that I
generate new encryption subkeys once a year, and we're now in overlap
with one of them expiring at the end of this year. For users
refreshing the keyring they will normally use the newest one already,
but this overlap reduce the likelihood of unavailability due to expiry.
> So how to desire which key is used?
> And what's about backward compatibility?
Backwards compatibility in which capacity? Encryption subkeys are well
supported, signing subkeys are not supported by older versions of PGP,
but people should not be using these versions anyways.
> Thanks for any hint, regards, Chris
>> -----Original Message----- From: Gnupg-users
>> [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Kristian
>> Fiskerstrand Sent: Sunday, December 07, 2014 10:16 PM Tomo:
>> you'll find that my key have a few subkeys at least due to these
>> practises. It doesn't provide any issue for either keyservers or
>> to use more generally, but you are correct in that the
>> information is retained.
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Qui audet vincit
Who dares wins
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users