On 11/8/11 10:01 AM, Simone Cianfriglia wrote: > There are some reasons behind this choice, I think the main one is because > it's safer to manage different keys for different needs.
IIRC, it was a response to laws like the United Kingdom's RIPA which allows the authorities to demand encryption keys from users. By separating encryption and signing into separate subkeys, and making the signing subkey the 'master' one, it allows users to divulge encryption subkeys to the authorities when required, then immediately revoke those encryption subkeys and resume encrypted communications with others. I may be in error.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
