one ecc key-pair for both encryption and signature?
andrewg at andrewg.com
Fri Jan 7 15:21:45 CET 2022
On 07/01/2022 14:06, Bernhard Reiter wrote:
> With 2.2.33 is is not possible to create a single ecc key-pair
> that can do "sign" and "encrypt".
There are circumstances (legal, contractual, operational) where you may
need to disclose or share an encryption key, so it is best practice to
keep the encryption-capable subkey distinct. And if you present people
with the option to do a suboptimal thing, a significant fraction of them
will choose that option by accident - so usually best not to offer it in
the first place.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users