Hi, I have a question on key management and was looking for some feedback. My issue is that I like the idea of having a Master signing key with no expiration date and I want to store this key offline without the inconvenience of using an offline computer every time I'd like to send a signed/encrypted message.

My idea is to create a master signing key on an offline computer (persistent live usb). Then create two subkeys that have regular expiration dates. One encryption key and one additional "daily-use" signing key. I would post my master key in my signature and use it to sign the sub-keys. When sending mail I would use my daily use key to sign my messages. I would only access and use my master key when it is necessary to sign other keys and update my sub keys.

Would this create any problems for those reading and verifying my emails? Would it be necessary to link to my key policy in my mail or would it be seamless that my sub signing key is valid because it is signed by the master?

Thank you in advance for any help regarding my questions. I'm still new to gnupg, but I want to set it up right the first time.

Patrick
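The layout described in the message, as an added example that is not part of the original post: a certify-only primary key in an offline keyring, two expiring subkeys, and a daily-use keyring holding only the secret subkeys, with a signature made there checked by a recipient who has just the public key. It assumes GnuPG 2.1.13 or later; the user ID, the function names and the empty passphrase are constructed for the demo.

```shell
# Added example (not from the post). Assumes GnuPG >= 2.1.13.
# The user ID and the empty passphrase are constructed so the demo runs
# unattended; protect real keys with a passphrase.
DEMO_UID='Demo User <demo@example.invalid>'
g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Print the fingerprint of the first primary key in keyring $1.
primary_fpr() {
  g --homedir "$1" --with-colons --list-keys |
    awk -F: '$1 == "pub" { p = 1 } p && $1 == "fpr" { print $10; exit }'
}

# Offline machine ($1 = home dir): the primary key can only certify and
# never expires; the signing and encryption subkeys expire after a year.
make_offline_keyring() {
  g --homedir "$1" --quick-generate-key "$DEMO_UID" ed25519 cert never || return 1
  fpr=$(primary_fpr "$1")
  g --homedir "$1" --quick-add-key "$fpr" ed25519 sign 1y || return 1
  g --homedir "$1" --quick-add-key "$fpr" cv25519 encr 1y
}

# Daily-use machine ($1 = offline home, $2 = daily home): only the secret
# subkeys are exported; the primary secret key stays offline.
make_daily_keyring() {
  g --homedir "$1" --export-secret-subkeys | g --homedir "$2" --import
}

# Field 15 of the "sec" record is "#" when the primary secret key is absent.
primary_secret_state() {
  g --homedir "$1" --with-colons --list-secret-keys |
    awk -F: '$1 == "sec" { print ($15 == "#" ? "stub" : "present"); exit }'
}

# Sign with the daily keyring ($2), then verify as a recipient ($3) who
# imported only the public key exported from the offline keyring ($1).
sign_and_verify() {
  msg="$3/msg.txt"
  echo 'constructed test message' > "$msg"
  g --homedir "$2" --armor --output "$msg.asc" --detach-sign "$msg" || return 1
  g --homedir "$1" --export | g --homedir "$3" --import || return 1
  g --homedir "$3" --verify "$msg.asc" "$msg" 2>/dev/null
}
```

Call the functions with three empty mode-700 directories as the offline, daily-use and recipient home directories. `primary_secret_state` reports `stub` for the daily-use keyring, and `sign_and_verify` returns 0 because the recipient's copy of the public key carries the primary key's binding signature over the signing subkey.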