On Sun, Feb 10, 2008 at 08:48:13PM -0600, Kevin Hilton wrote: > When I perform a > > gpg --expert --gen-key > > Im given the following options: > > Please select what kind of key you want: > (1) DSA and Elgamal (default) > (2) DSA (sign only) > (3) DSA (set your own capabilities) > (5) RSA (sign only) > (7) RSA (set your own capabilities) > Your selection? > > If I select either 3 or 7, Im given the choice similar to below (note > the following was produced with option #3): > Possible actions for a DSA key: Sign Certify Authenticate > Current allowed actions: Sign Certify > > (S) Toggle the sign capability > (A) Toggle the authenticate capability > (Q) Finished > > I believe I'm aware of the signing capabilities, but how does Certify > differ from Authenticate? Obviously I'm confused on the meaning of > Certify vs Authenticate. I thought the public DSA signing key did > certification/authentication whereas the private DSA key performed the > signing.
The public/private question is not relevant here. Sign = sign some data Certify = sign a key Authenticate = prove you are you Authenticate is used for things like using an OpenPGP key for ssh. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
