Dashamir Hoxha dashohoxha at gmail.com
Fri Mar 25 11:02:25 CET 2016

On Fri, Mar 25, 2016 at 10:21 AM, Ben McGinnes <ben at adversary.org> wrote:
> Primary keys MUST be C-usage and MAY be SCA usage, by default they're
> SC, but simply creating an S-usage subkey moves the S function to the
> subkey (by default GPG will select the newest subkey with a given
> capability to perform that function).  Since default key generation
> does not include authentication (A) keys for SSH, the result is
> usually an SC master with an E subkey of matching bit sizes.

Thanks for this explanation.
I beleive that an A key (or subkey) that is never used, does not hurt. So,
my default is to create one.
On the other hand, if an A key is created, I beleive that it is better for
it to be a subkey, rather than a primary key. The reason is that an A key
most probably needs to be used frequently (for example daily), but you may
wish to keep a primary key offline, and these two requirements conflict
with each-other.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160325/39533f44/attachment.html>

More information about the Gnupg-users mailing list