-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mike Frysinger wrote: > probably, but that doesnt really matter to me much ... all the intricacies of > pgp do not interrest me, it's merely a tool to get other things done
When you start doing advanced and sophisticated things with a tool, you need to invest the time in understanding that tool. This is true for pretty much any tool, not just GnuPG. > i have a personal key/uid i use for signing e-mails and such, E837F581. when > doing gpg signing parties, this is what other people sign. in Gentoo, rather > than using personal keys, we create a new key to keep personal and developer > package signing separate. This is sensible. This strongly counter-indicates using a new subkey. After all... when someone sees a signature with your new subkey, they'll then have to find the master signing key and import that before they can verify your signature. And since your personal identity is connected with that master key, you're going to conflate your personal identity with your Gentoo identity. Generate a new keypair and use that instead. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJFjecNAAoJELcA9IL+r4EJXBcH/1HTzgdltX/Vr4rKjNCDx4j3 gynMWYrpLb9lfeLCfTSAQSwV+/Fa33mJAguyQ8iNOFN/bepEQk+WZcAyNZR/pegm 3tX98bjU7/ecUwZeLuLM0d35W0dH4iYs9NVE3FrDYkzI0Zs/z2XCI2RbjqiH2WND d6gIrNW/TcVxW7F92Dbm3bwHcKhyphGeB37m/8NP7xEmyyUbFoty9fd2zqw4ivUD yaEyG9TygDY9SyFfU2qcDP1bPUCKUN/LFNcY4bxImfc832Iiv0CwXMKTNYrXJQ4U ZdfZmImDOIcsz7pukiZGZA3zHBjLVnCeiG9xfVjUUAYdZOXijRfMMqC1vYmWdSY= =JAbn -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
