one ecc key-pair for both encryption and signature?
Andrew Gallagher
andrewg at andrewg.com
Fri Jan 7 15:21:45 CET 2022
On 07/01/2022 14:06, Bernhard Reiter wrote:
> With 2.2.33 is is not possible to create a single ecc key-pair
> that can do "sign" and "encrypt".
There are circumstances (legal, contractual, operational) where you may
need to disclose or share an encryption key, so it is best practice to
keep the encryption-capable subkey distinct. And if you present people
with the option to do a suboptimal thing, a significant fraction of them
will choose that option by accident - so usually best not to offer it in
the first place.
--
Andrew Gallagher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220107/8c671dbc/attachment.sig>
More information about the Gnupg-users
mailing list