New user needs some help

Thu Jun 5 09:26:16 CEST 2014

Dear GnuPG users,

As part of the ResetTheNet campaign I decided to start using email
encryption. I am a relatively new user of gpg, who is looking forward
to using it for secure communication. Currently I am trying to
generate a new PGP key by following some good/best practices. I have
done some research into the matter, and I managed to gather some
knowledge about the whole process. Still there are some details that I
am unsure about. I've read the GnuPG manual, the man page, the
handbook, and various other articles online. In particular these two
were most interesting and helpful:

https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
https://alexcabal.com/creating-the-perfect-gpg-keypair

Based on what I know so far I managed to come up with the following steps.

- Boot a recent live linux CD on an unrelated computer
- Create a 4096-bit RSA certification key with unlimited expiry
- Add a 4096-bit RSA encryption subkey with 5 year expiry
- Add a 4096-bit RSA signing subkey with 5 year expiry
- Export the master keypair (pub + priv key) to an encrypted USB stick
- Generate a revocation key, put it on the encrypted USB stick
- Put the resulting USB stick somewhere safe, maybe back it up too
- Remove the master private key from the keyring (not the private subkeys)
- Export the public key, and the laptop private key to another USB stick
- Power off the laptop to erase RAM
- Import the laptop key into my laptop's GnuPG keyring for daily use
- Upload the public key to a keyserver
- Get some key signatures
- Sign some other public keys (will need master key for this)

And my gpg.conf (on the PC where the key is generated as well as on
the laptop) looks like this:
--------------------------------------------------
# Keyserver settings
keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options no-honor-keyserver-url
ca-cert-file=/etc/ca-certificates/sks-keyservers.netCA.pem

# Display options
no-greeting
no-emit-version
fixed-list-mode
keyid-format 0xlong
with-fingerprint
verify-options show-uid-validity
list-options show-uid-validity
sig-notation issuer-fpr at notations.openpgp.fifthhorseman.net=%g

# Ciphers, hashes, stuff
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES
CAST5 BZIP2 ZLIB ZIP Uncompressed
cert-digest-algo SHA512

# Misc
use-agent
--------------------------------------------------

Now I have a few questions about the above procedure.

A) Is my key generation procedure okay? Am I missing any critical
steps? I mostly followed one of the articles I linked above. Are these
keys (with additional signing subkey) compatible with other OpenPGP
software?

B) Are my gpg.conf settings ok? Am I missing any important options?
Would you add/remove any? Change any?

C) What is the purpose of this line "sig-notation
issuer-fpr at notations.openpgp.fifthhorseman.net=%g" in the config file?
I can't seem to understand it. Why was it proposed? Is it compatible?

D) While reading the GnuPG manual I came across some missing options
that I *might* want to add. These were not proposed in the article.
Should I add any of the following options to the config file, and what
should I set them to?

cert-notation
personal-cipher-preferences
s2k-cipher-algo
s2k-digest-algo

E) I noticed this: cert-digest-algo SHA512
The GnuPG 2 manual (pg. 51) warns that if this is set to a value that
other OpenPGP implementations don't support, some users will be unable
to use my key signatures. Personally I don't mind using strong hashes,
but is this going to be a problem? I have no idea what other OpenPGP
implementations support. GnuPG is the only one I know about.

F) I like twofish. Should I add it to the list of my personal preferences?

G) I have read some complaints from users about keys that use long
signature hashes like sha512. In particular this makes emails
difficult to read because some discussions can get crowded with long
signatures, which is rather irritating to read and navigate. Is it
possible to use sha256 for email signatures, and sha512 for everything
else i.e. signing files. I use Thunderbird with Enigmail on Linux.

H) Is it okay to generate PGP keys on a live linux CD? I mean is there
sufficient entropy present? What can I do to introduce some more noise
into the system? Some tutorials suggest moving the mouse, others tell
me to use IO-heavy tasks i.e. the "find" command. Comments?

There. That's about everything I came up with. Hopefully we can clear
up the confusion, and I am looking forward to using GnuPG. I would
like to thank you in advance for any answers, hints, comments,
suggestions and advice.

Best regards,
Thomas