"Please select what kind of key you want"

David Shaw dshaw at jabberwocky.com
Mon Feb 23 01:48:42 CET 2009 

On Feb 22, 2009, at 6:54 PM, gerry_lowry (alliston ontario canada)  
wrote:

> Preamble
> ----------
> Michael W. Lucas on page 73 in Chapter 4 of "PGP & GPG:  Email for  
> the Practical Paranoid",
> No Starch Press, (c) 2006, shows the following choices for
> "Please select what kind of key you want":
>   (1) DSA and Elgamal (default)
>   (2) DSA (sign only)
>   (5) RSA (sign only)
>
> Michael recommends choosing "5" which turns out to be a disadvantage
> that one might not discover until the first time that she/he  
> attempts to
> encrypt something.

He recommends a RSA signing key and later adding a subkey for  
encryption.  This is only a problem if someone does part 1 (the  
signing key) of his recommendation and skips part 2 (the encryption  
subkey)

> AFAIK, other people can still encrypt for the user who has selected  
> "5"
> above.  And the user can decrypt whatever she/he receives.

This is not correct.  A sign only key means sign only.  It has no  
encryption capability.  That's why you need a subkey to handle the  
encryption.

> I do not recall Michael discussing the solution to the problems
> caused by selecting just "(5) RSA (sign only)", although, since his
> book is written for a beginner audience, I do think he should
> have addressed this problem.  Nevertheless, I found his book
> still quite helpful.
>
>
> QUESTIONS
> -----------------
> Especially because of my experience mentioned above, I tend to pay  
> attention
> to the text that follows  "Please select what kind of key you want".
>
> The Windows' version that I used matches Michael's text:
>> gpg --gen-key
>           gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software  
> Foundation, Inc.
>
>           Please select what kind of key you want:
>              (1) DSA and Elgamal (default)
>              (2) DSA (sign only)
>              (5) RSA (sign only)
>
>> From "gpg  --edit-key    ID    addkey",  I also get
>              (2) DSA (sign only)
>              (4) Elgamal (encrypt only)
>              (5) RSA (sign only)
>              (6) RSA (encrypt only)
>     ----------------------------------  where's (3)
>              (3) ??????????????
>
> Why is there no "(3)" in the above two lists [gen-key list, addkey  
> list]?

(3) and (7) are special cases for advanced users.  They do not show up  
in the menu unless the "--expert" flag is given.  They let you create  
a key with any features that you want (for example, you could create a  
RSA key that can sign and encrypt with a single key and not need  
subkeys at all).  This is for advanced use only.

> Why are choices "(4) Elgamal (encrypt only)" and "(6) RSA (encrypt  
> only)"
> not present in the "gen-key" list?

They are not meaningful there.  gen-key creates a primary key, and as  
per the OpenPGP standard, a primary key must be able to issue  
certification signatures.  An encrypt only key, by definition, cannot  
issue signatures.

> Why is choices "(1) DSA and Elgamal (default)" not present in the  
> "addkey" list?

Again, not meaningful there.  addkey creates subkeys.  DSA+Elgamal is  
not a subkey (it's a shortcut for specifying a DSA primary and an  
Elgamal subkey).

> ============  http://www.netbsd.org/developers/pgp.html   
> ==============
> shows different choices for "gpg --gen-key":
>   (1) DSA and ElGamal (default)
>   (2) DSA (sign only)
>   (4) ElGamal (sign and encrypt)
>   (5) RSA (sign only)
>
> Exploring further "Please select what kind of key you want" via  
> Google,
> I get the impression that there's potentially a standard that might  
> read something like:
>     position (1) should always be __________;
>     position (2) should always be __________;
>     position (3) should always be __________; et cetera
> and for any position, you can offer nothing, sign only, encrypt  
> only, or sign and encrypt together.
>
> Is that the case with regards to developer guidelines?

No.  The numbers have changed in the past, and may well change in the  
future.

> Also, I'm guessing that although a developer might opt out of  
> creating a key of type X,
> regardless, the developer must presumably support a complete set of  
> encryption/decryption
> choices for the purpose of processing public and private keys  
> properly.  Is this the case?

Not really.  It is true that the developer can choose to not allow  
creating certain key types in their OpenPGP program.  It is also true,  
though, that the developer can choose to not support an algorithm at  
all.  The only algorithms that are required to be supported are DSA  
for signing, Elgamal for encryption, 3DES as a symmetric cipher, and  
SHA-1 as a hash.  Strictly speaking, everything else is optional.  Of  
course, most programs support a good chunk of the optional algorithms.

David

More information about the Gnupg-users mailing list