Andrew Gallagher andrewg at andrewg.com
Tue Mar 22 23:56:27 CET 2016

On 22 Mar 2016, at 22:10, Dashamir Hoxha <dashohoxha at gmail.com> wrote:
>> On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing <peter at digitalbrains.com> wrote: 
>> And why is your primary key capable of encryption? One of the reasons for
>> subkeys is so you don't have to use the same key material for both encryption
>> and signing, since this opens up some subtle points of attack that are easily
>> avoided.
> What is wrong with that? As long as there is a subkey for encryption, gpg will use the subkey for encryption, even if the primary key is capable of encryption.

Please please for the love of all that is sweet and beautiful in the world don't make an encryption-usage primary key. If you ignore everything else Peter has said, please don't ignore this. There are no benefits whatsoever to making an E-usage primary key, and plenty of reasons not to. And unlike expiry dates which can be fixed later, once you have E enabled on a primary key you can't remove it without hacking the innards of the data structure.

IMHO the only thing to do with E-usage primary keys is revoke them and start again from scratch. The only reason they are even still allowed in GPG is for backwards compatibility, right...?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160322/a3d76834/attachment.html>

More information about the Gnupg-users mailing list