Best practices for obtaining a new GPG certificate

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Mar 24 02:19:46 CET 2021


On Fri 2021-03-19 08:29:12 +0100, Werner Koch via Gnupg-users wrote:
> You may also skip the menu thing and use
>
>   gpg --quick-gen-key bar at example.com future-default

I agree with Werner's recommendation of using --quick-gen-key and
future-default.

If you're going to provide an e-mail address-only User ID, though, i'd
also recommend wrapping it in angle-brackets, as raw e-mail addresses
are still liable to trigger some minor bugs in various pieces of older
OpenPGP tooling.  So that'd be:

    gpg --quick-gen-key '<bar at example.com>' future-default

Using the defaults (or the future defaults, as here) is a good
practice.  Most people shouldn't need anything fancier.

Regards,

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210323/2cf4942a/attachment.sig>


More information about the Gnupg-users mailing list