Authenticate capability of DSA or RSA signing keys
Kevin Hilton
kevhilton at gmail.com
Mon Feb 11 03:48:13 CET 2008
When I perform a
gpg --expert --gen-key
Im given the following options:
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(3) DSA (set your own capabilities)
(5) RSA (sign only)
(7) RSA (set your own capabilities)
Your selection?
If I select either 3 or 7, Im given the choice similar to below (note
the following was produced with option #3):
Possible actions for a DSA key: Sign Certify Authenticate
Current allowed actions: Sign Certify
(S) Toggle the sign capability
(A) Toggle the authenticate capability
(Q) Finished
I believe I'm aware of the signing capabilities, but how does Certify
differ from Authenticate? Obviously I'm confused on the meaning of
Certify vs Authenticate. I thought the public DSA signing key did
certification/authentication whereas the private DSA key performed the
signing.
Thanks for any explanation!
--
Kevin Hilton
More information about the Gnupg-users
mailing list