-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
I want to achieve the following: 1. A Master signing key 2. A subkey signing/enc pair for my normal machine 3. A subkey signing/enc pair for e.g. my mobile device What I want to do is to have a different "pair" for my mobile device or work computer than on my machine. I want to give those pairs a shorter lifetime like 1 year (depending on the paranoia level) so I can change them more frequently. (Besides the hopefully security advantages this also would make changing outdated subkeys more easily because there will be still a working keypair while people still update to the new keypairs) To setup a key with subkeys is not to big of a problem. There are enough tutorials out there. I just didn't find a nice key management tool for that. Especially exporting keys with only one of the subkey pairs requires some work ... Now the following problem arises (at least from the reading I have done). As I understand gpg only uses one of the encryption subkeys to encrypt the message. So the question is, is it possible to encrypt to all encryption subkeys in a key? And if yes, is there an easy way to do it, so also not just me can handle that, but also the people who sent me encrypted mails. (And if not, does it make sense to implement something like this in gnupg?) And a more general question: This approach generates some overhead so is there maybe a way to achieve something similar more easily? Thanks for ideas and input. Martin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREKAAYFAlMhi+oACgkQ/6vdZgk46sgnowCcCRLJKxcWaDlrFQqSuWsYg6EY 2mAAn0PqF30Mq/MDKuinw8nZR6yXUogk =ZGtB -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users