master key certify capability
john doe
johndoe65534 at mail.com
Fri Jan 3 19:06:42 CET 2020
Hi,
I use the following command to test my new key setup:
$ gpg --batch --passphrase '' --yes --quick-gen 'Firstname Lastname
<test at example.com>' rsa4096 cert 1d&& for u in sign sign encrypt; do gpg
--batch --passphrase '' --yes --quick-add-key $(gpg --with-colons -k
test | awk -F::::::::: 'NR==3{print substr($2,1,length($2)-1)}') rsa4096
$u 1d || exit $?; done
which give the following:
$ gpg -K
-----------------------------
sec rsa4096 2020-01-03 [C] [expires: 2020-01-04]
3C5CFD620005347A62052A6B596CB80D30E8829D
uid [ultimate] Firstname Lastname <test at example.com>
ssb rsa4096 2020-01-03 [S] [expires: 2020-01-04]
ssb rsa4096 2020-01-03 [S] [expires: 2020-01-04]
ssb rsa4096 2020-01-03 [E] [expires: 2020-01-04]
Is there any downside to have my master key with the certify capability
only?
In other words, is it required for the master key to have the sign and
certify capabilities.
--
John Doe
More information about the Gnupg-users
mailing list