List: gnupg-users
Subject: How to add information about purpose/security of sub keys?
From: adrelanos <adrelanos () riseup ! net>
Date: 2013-11-13 23:08:14
Message-ID: 5284065E.2080207 () riseup ! net
Hi!
I would like to partition my key like this:
- long term identity key (air gapped, master key) [a]
-- short term e-mail encryption key (less secured sub key, only on mail
machine) [b]
-- short term e-mail signing key (less secured sub key, only on mail
machine) [c]
-- short term images/repository key (less secured sub key, only on
software build machine) [d]
-- long term encryption key (air gapped, sub key) [f]
In other words, I would use:
- [b] and [c] for convenience, communication which isn't that important
- [c] to sign software / apt repository
- [a] to sign important messages (key transition etc.)
- [f] little convenience, for receiving important messages
What is the best way to make key [b] the default, so anyone writing an
encrypted mail will use key [b] and not key [f] unless a conscious
decision was made?
What is the best way to communicate...?
- if you want to send a mail, in most cases, use key [b],
- unless it is really important, then use key [f]
- most of my mails will be encrypted with key [c], unless it's
important, then I use key [a]
- software I sign will be signed with key [d], do not use software
signed with key [c]
It would be best if this information was presented by default, such as
when importing my key or at least when running --fingerprint. What is
the best way to communicate that, sub packets (notations), UUID comments
or something else?
Are sub packets (notations) signed by the master key [a]?
Are UID comments signed by the master key [a]?
Cheers,
adrelanos