David Alexander Russell wrote: > However I don't know what the 'best practice' is with regards to > keypairs and so on.
GnuPG best practices, in a single sentence: "Unless you know what you're doing and why, stick with the defaults." This one sentence is useful for about 95% of new users' questions. GnuPG is meant to be secure by default: you don't need to know a ton of niggling little details just to use it safely. > The problem is that I'm not particularly hot on cryptography, so it > has all combined to pass far over my head! You're in good company. :) People who write these sorts of articles mean well, but it's very hard to figure out which authors actually know what they're talking about and which are just talking a good game. On top of that, even if you find an article written by someone who knows the subject, the author's recommendations might not make sense in your particular environment. > Could some kind soul please explain, in layman's terms, what I should > generate and how I should use it? I'm on Ubuntu 8.04 so it's GnuPG > 1.4.6 (not the newer version which defaults to RSA - I've read enough > FAQs to establish that DSA is a Bad Thing) if that matters. DSA is not a Bad Thing. Whoever it was who told you this did you a disservice. If you'd like to tell us what you've heard about DSA, we would be happy to correct the misinformation you were given. My suggestion is to "gpg --gen-key". At each step of the way, if you ever don't know what to do, just hit RETURN and go on. GnuPG will produce a high-quality keypair for you. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
