Hi folks!
Ok,.. I know that you can set at least the following flags to specify
the purpose of a key:
A - authorsation
C - certification
E - encryption
S - signation
Ok,.. as far as I understood, if a key is C-only that this indicates
that it is used solely for signing other keys, but not for signing
normal data, correct?
Ok,.. I thought about that and came to the result - correct me if I'm
wrong - that it would be more secure to use the primary key only for
certificating other keys (and of course for self-sigs).
Ok my current key looks like the following:
primary: CS, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
So I think it would be better to have the following:
primary: C, RSA-S, 4096 bit
secondary: S, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
Ok...
1) Is it advisable at all?
2) Can I change this with GPG (without having to create a new key, of
course)?
3) If not: Is this function going to be intruduced in GPG the next time?
4) If not: How could I do that else?
5) Would it change my primary key in such a way, that it renders the
signatures that I've already received from other users invalid?
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-printable;quoted-printable:;;Lothstra=C3=9Fe 34;M=C3=BCnchen;Freistaat Bayern;80335;Federal Republic of Germany
email;internet:[EMAIL PROTECTED]
tel;home:+49 89 24409568
tel;cell:+49 172 8617341
x-mozilla-html:TRUE
url:http://fhm.edu/
version:2.1
end:vcard
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
