EasyGnuPG
Dashamir Hoxha
dashohoxha at gmail.com
Fri Mar 25 11:02:25 CET 2016
On Fri, Mar 25, 2016 at 10:21 AM, Ben McGinnes <ben at adversary.org> wrote:
>
> Primary keys MUST be C-usage and MAY be SCA usage, by default they're
> SC, but simply creating an S-usage subkey moves the S function to the
> subkey (by default GPG will select the newest subkey with a given
> capability to perform that function). Since default key generation
> does not include authentication (A) keys for SSH, the result is
> usually an SC master with an E subkey of matching bit sizes.
>
Thanks for this explanation.
I beleive that an A key (or subkey) that is never used, does not hurt. So,
my default is to create one.
On the other hand, if an A key is created, I beleive that it is better for
it to be a subkey, rather than a primary key. The reason is that an A key
most probably needs to be used frequently (for example daily), but you may
wish to keep a primary key offline, and these two requirements conflict
with each-other.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160325/39533f44/attachment.html>
More information about the Gnupg-users
mailing list