multiple subkeys and key transition
Grant Olson
kgo at grant-olson.net
Thu Dec 9 18:25:53 CET 2010
On 12/9/10 8:41 AM, Hauke Laging wrote:
> Am Donnerstag 09 Dezember 2010 07:14:53 schrieb Ben McGinnes:
>> Hello,
>> I am giving very serious thought to creating new keys and
>> doing a (long-term) transition to them. This is partly to respond to
>> known flaws with SHA-1 and take advantage of SHA-256 and higher.
>
> What is the relation between a key and the hashing algorithms?
>
>
Right. If the hash algo is your only concern, you can just change that.
No need to regenerate a key, unless you're just using that as an
motivator to bump up your key-size and/or create an offline primary key.
Regarding RSA vs DSA/ElGamal, without having done any research at all,
I'm assuming the defaults in GPG changed from DSA/ElGamal to RSA/RSA for
a reason, so I went with the latter.
And apologies, because I know you said you have no intention of using a
smartcard (twice), but if you're creating a key for the next ten years
then it's possible you'll change your mind say five years from now.
--
Grant
"I am gravely disappointed. Again you have made me unleash my dogs of war."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 559 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101209/d707dcbd/attachment.pgp>
More information about the Gnupg-users
mailing list