> Following my thread at (1), unless I'm missing something, it became > apparent that Enigmail/Tunderbird does not fit the bill anymore.
It should be noted that Enigmail hasn't changed how it does anything. > My goal is to sign code and sign/encrypt e-mail but I'm not sure what's > the best way forward: We don't know, either. It's going to depend on your own personal risk profile. > - Am I missing something/better approach If you want to segregate your code signing from your email, the best way to do that is with a second certificate -- not adding subkeys to your current one. Ask yourself this: how often have you noticed that my signed messages bear *two* signatures from *two* subkeys belonging to the same certificate? I've been doing this for years and nobody's ever noticed. (Or at least, nobody's ever mentioned it to me to ask why I'm doing something so weird.) So if you're depending on people ascribing special semantic value to which subkey is used -- honestly, I doubt people will ever even notice which subkey you're using. It's simply not a use case that comes up very often, if ever.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
