On 22/08/15 17:25, Dongsheng Song wrote:
Now I want to create my new key like this:
sec rsa4096/93D374EB 2015-08-22 [C]
uid [ultimate] example exam...@someone.xyz
ssb rsa2048/466D08E1 2015-08-22 [S]
ssb rsa2048/AD92E667 2015-08-22 [E]
ssb rsa2048/07DEFA25 2015-08-22 [A]
On Fri, Aug 21, 2015 at 6:49 PM, Peter Lebbing pe...@digitalbrains.com wrote:
On 21/08/15 11:31, Dongsheng Song wrote:
But I still did't know why the master key have sign and certify
capabilities in the default ?
I suppose because it doesn't hurt. They're both signatures in essence;
On 21/08/15 11:31, Dongsheng Song wrote:
But I still did't know why the master key have sign and certify
capabilities in the default ?
I suppose because it doesn't hurt. They're both signatures in essence;
cryptographically they are the same and exchangable. The difference only
lies in the
Dongsheng Song dongsheng.s...@gmail.com writes:
Hi all,
When I create new master/sub key, in the following 2 choice, I'm
wondering which is better?
1) master key have SCEA capabilities
sec rsa4096/A19676A1
created: 2015-08-20 expires: never usage: SCEA
trust: ultimate
On 20/08/15 17:01, Peter Lebbing wrote:
Most importantly, it's generally advised not to do encryption and
signing with the same key material.
This is just a general recommendation, and abusing the fact a key is
used for both encryption and signatures is an intricate matter. But
since OpenPGP
Thanks, now I see why I should use a exclusively subkey for
authenticate capability.
But I still did't know why the master key have sign and certify
capabilities in the default ? I think the sign capability should move
to a exclusively subkey.
___
Hi all,
When I create new master/sub key, in the following 2 choice, I'm
wondering which is better?
1) master key have SCEA capabilities
sec rsa4096/A19676A1
created: 2015-08-20 expires: never usage: SCEA
trust: ultimate validity: ultimate
ssb rsa4096/27ADD750
When I create new master/sub key, in the following 2 choice, I'm
wondering which is better?
I'd recommend the defaults as best practice. They're there for a reason.
Why are you restricting yourself to the following 2 choices? They both
seem ill-advised (and unusual as well). Most importantly,
On Fri, 12 Apr 2013 03:00, mailinglis...@hauke-laging.de said:
That is an inconsistent explanation. If --list-packets can show data from
signatures without checking the signatures then obviously --with-colons
It does not show that. It dumps the packets. The key capabilities need
On Thu, 11 Apr 2013 00:28, mailinglis...@hauke-laging.de said:
2) You import the key but direct it to a different keyring, see
--keyring
--secret-keyring
--primary-keyring
--no-default-keyring
You better use a temporary directory. This is far easier than to play
with all the options and it
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Branko Majic asked:
I'm trying to find a way to list the key capabilities of a key before
importing it. I can obtain some basic information by using the command
(I've seen this one in the mailing list archives):
In addition to the other
Hello all,
I'm trying to find a way to list the key capabilities of a key before
importing it. I can obtain some basic information by using the command
(I've seen this one in the mailing list archives):
gpg2 --with-colons test.key
The only catch being that the above command will not list
Am Mi 10.04.2013, 22:57:53 schrieb Branko Majic:
Hello all,
I'm trying to find a way to list the key capabilities of a key before
importing it. I can obtain some basic information by using the command
(I've seen this one in the mailing list archives):
gpg2 --with-colons test.key
The only
Christoph Anton Mitterer wrote:
Cryptographically it is about the same as normal signing, it simly
denotes that a key may be used to sign other keys.
Jep, I just stumbled on GPG not displaying it (because
I was just creating a key that will mainly be used to
sign other keys). Thanks, Christoph
Hi,
I have read about the following key capabilites:
- sign
- encrypt
- authenticate
- certification
When I generate an RSA key, GPG provides the capabilities
sign, encrypt and authenticate (in expert mode), but
not certification.
Is certification somethin that is actually implemented
or
On Thu, Nov 17, 2005 at 02:34:06PM +0100, Olaf Gellert wrote:
Hi,
I have read about the following key capabilites:
- sign
- encrypt
- authenticate
- certification
When I generate an RSA key, GPG provides the capabilities
sign, encrypt and authenticate (in expert mode), but
not
Olaf Gellert wrote:
When I generate an RSA key, GPG provides the capabilities
sign, encrypt and authenticate (in expert mode), but
not certification.
Certification is always used automatically for the primary (signing) key.
If you edit your key (gpg --edit-key foo) you'll see a Usage: CS
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
David Shaw wrote:
| Authentication is signing a challenge (like ssh does). The
| Authentication stuff can be used to log in to a machine using your GPG
key.
|
Is there any public documentation on how to implement this? The only way
I've seen
On Fri, Apr 01, 2005 at 06:33:13PM +0200, [EMAIL PROTECTED] wrote:
What is the meaning of usage/capabilities listings for
keys(shown, for
example, during edit-keys interactive sessions)?
S - sign
E - encrypt
C - ?
A - ?
looking at doc/DETAILS I found
C - certification
A - authentication
19 matches
Mail list logo