Tanks David and Robert for your informative (and quick) replies. It's much more clear now. But, am I the only one to think that the documentation is pretty misleading about "pairs" of keys, and that GPG generate 'a' keypair (With gpg --gen-key a new key-pair is created...), and moreover, that one of the (actually) two generated keypairs is tagged as... "pub"?
> Can anyone explain why there is a difference between signing and > encrypting keypairs, even for the same type (RSA)? As far as I've understood from the documentation, one of the reason should be that it would be good practice to keep the signing key valid indefinitely (thus, having one that never expires so old signatures can be verified too) and renew the cryptographic one pretty often for security reason. As before, I'd love to get confirmations or denials of that ;), and if there's else about it. Thanks so much! -- Lucio Capuani _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
