Best practices for obtaining a new GPG certificate

Daniel Kahn Gillmor dkg at
Wed Mar 24 02:19:46 CET 2021

On Fri 2021-03-19 08:29:12 +0100, Werner Koch via Gnupg-users wrote:
> You may also skip the menu thing and use
>   gpg --quick-gen-key bar at future-default

I agree with Werner's recommendation of using --quick-gen-key and

If you're going to provide an e-mail address-only User ID, though, i'd
also recommend wrapping it in angle-brackets, as raw e-mail addresses
are still liable to trigger some minor bugs in various pieces of older
OpenPGP tooling.  So that'd be:

    gpg --quick-gen-key '<bar at>' future-default

Using the defaults (or the future defaults, as here) is a good
practice.  Most people shouldn't need anything fancier.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list