On Wed, Feb 20, 2013 at 09:38:38PM +0100, Luis Ressel wrote: > On Mon, 18 Feb 2013 23:27:46 +0000 > "Robin H. Johnson" <robb...@gentoo.org> wrote: > > 3. Dedicated Gentoo signing subkey > What's the point of this, btw? Ideally keeping your primary key offline to increase security.
However, the original theory was that if there was some attack that required a large amount of ciphertext or a targeted plaintext input, you would be limiting the ciphertext to only gentoo-specific content, and could trivially rotate the subkey without any impact on your primary key. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
