Best practices for obtaining a new GPG certificate

Robert J. Hansen rjh at
Fri Mar 19 08:12:33 CET 2021

> I'd like to know current best practices for obtaining a new one?

This question gets asked so often that it has its own FAQ entry.  Yes, 
parts of the FAQ are outdated, but this particular one is very current.

* You don't need to "tune" GnuPG before using it
* The defaults for key generation are conservative and safe
* Don't overthink things.  :)

My sometimes-snarky (but completely-sincere) opinion on this evergreen 
question is, "unless you know what you're doing and why you're doing it, 
stick with the defaults."

The other piece of sometimes-snarky (but also completely-sincere) advice 
is that a good 90% of the web pages you find that talk about how to 
create the "perfect" GnuPG key are absolutely full of it.

More information about the Gnupg-users mailing list