a bunch of questions
Robert J. Hansen
rjh at sixdemonbag.org
Fri Nov 10 07:42:31 CET 2017
> I believe that the key I'm signing this message with is 2048 bits and
> will expire next year. If I've got either of those details wrong, please
> correct my error(s).
No. There's no expiration date on your certificate, and it's a 4096-bit
> What size key do you recommend I create in order to be future proof (for
> the rest of my life -- I'm in my early 50s)?
I personally think it's unlikely 4096-bit RSA keys will be broken in the
next twenty years. Over that timeframe, RSA-4096 is probably stronger
than elliptical curve cryptography: we might (*might*) have quantum
computers large enough to tackle ECC by 2040, but RSA-4096 would require
a far larger quantum computer.
> I believe that the master key for the subkey I'm currently using will
> also expire next year. How would I go about confirming/refuting that
quorra:~ rjh$ gpg --edit-key "Charlie Derr"
created: 2010-12-16 expires: never usage: SCA
trust: unknown validity: unknown
created: 2010-12-16 expires: never usage: E
[ unknown] (1). Charlie Derr <cderr at simons-rock.edu>
> I currently use gnupg with two different email accounts (this one and a
> gmail address) and I use different mail clients for each: thunderbird
> with enigmail here and claws-mail (and whatever debian gnupg plugin is
> appropriate for claws) with gmail. How can I set things up so that I can
> switch back and forth between two keys (for signing) until this one
> expires in 2018?
I don't use Claws, so I can't answer that; but Thunderbird+Enigmail
allows you to use whichever key you wish -- just set it up according to
the instructions on the Enigmail webpage. If the instructions there are
unclear or confusing, I'm happy to help you with it further.
More information about the Gnupg-users