On Sun, 2019-02-24 at 19:34 +0000, Farhan Khan via Gnupg-users wrote: > Hi all, > > I am still working on setting up the "perfect" setup. When I created the > master, it was [SC]. I > question, why is the signing key part of the master key? Why not have it be a > subkey? Almost > everywhere I looked, the two were a single key except this site > (http://openpgpblog.tumblr.com/post/219954494/photos-on-pgp-keys). In my own > tests the signing > functionality worked the same when they the signing key was a subkey versus a > part of the master. > > Are there any advantages of disadvantages either way? >
Gentoo policy [1] requires split signing subkey. The main advantage is that you can then store primary key offline, and not have it exposed the same way subkeys are. [1]:https://www.gentoo.org/glep/glep-0063.html -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users