On 22/08/15 17:25, Dongsheng Song wrote: > Now I want to create my new key like this: > > sec rsa4096/93D374EB 2015-08-22 [C] > uid [ultimate] example <exam...@someone.xyz> > ssb rsa2048/466D08E1 2015-08-22 [S] > ssb rsa2048/AD92E667 2015-08-22 [E] > ssb rsa2048/07DEFA25 2015-08-22 [A] > ssb ed25519/AE83BE7C 2015-08-22 [S] > ssb cv25519/0FACE148 2015-08-22 [E] > ssb ed25519/610E5096 2015-08-22 [A]
Sorry I forgot to answer earlier. This seems a reasonable setup. If this makes you feel happy, go for it :). I still think RSA-4096 is a bit much, though. People who have your public key and use an underpowered system will see that building the trust database can take significantly longer in checking your certifications. I don't know when GnuPG checks subkey bindings, but that takes significantly longer as well. Subkey bindings verify the correspondence between a primary key and a subkey, and are part of your public key. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
