Hello,

I am giving very serious thought to creating new keys and doing a (long-term) transition to them. This is partly to respond to known flaws with SHA-1 and take advantage of SHA-256 and higher.

There is currently a push to move away from SHA-1 usage by the end of 2010, although it will almost certainly take longer than that. There is a discussion of some of the issues involved here:

http://www.debian-administration.org/users/dkg/weblog/48

At the moment I am planning on using an RSA signing key, but I have not made my final decision on the encryption subkeys. I am leaning towards Elgamal, but that's by no means certain. The other option, of course, is to create a key with both RSA and Elgamal encryption subkeys, which does lead to questions:

1) I've forgotten how GPG handles the subkeys, does it choose the strongest key or the newest key by default or does it encrypt to all active (non-revoked or non-expired) subkeys?

2) How does PGP (of any version) handle multiple subkeys?

3) Does anyone know of any problems or issues with any version of PGP or GPG when handling keys with multiple subkeys?

4) Which encryption algorithm do people prefer of RSA and Elgamal, if either, and why?

I'm doing my own research here, of course, but it doesn't hurt to ask (yes, I'm already aware of Sam Simpson's informative FAQ and am re-reading it).

The opinions of the list on any or all of these questions would be greatly appreciated.

Regards,
Ben

P.S. Apologies to readers of PGPNET and/or PGPMIMENET, who have already seen this message. ;)
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users