On Monday 03 of December 2012 12:41:10 Hauke Laging wrote: > Hello, > > are there arguments for preferring either > > a) having one RSA subkey for decryption only and one for signing only > > or > > b) having only one RSA subkey for both decryption and signing? > > Do any problems arise with the smartcard if the same key shall do different > tasks?
Keys can become "used up" so it entirely depends on how often you use it. What I mean by that, is that any signing operation leaks some information about the key used for signing (generally far less than few tens of a bit). If you have signed tens of thousands of documents with it, an attacker can recover substantial portion of the key and speed up the key recovery. Regards, -- Hubert Kario QBS - Quality Business Software 02-656 Warszawa, ul. Ksawerów 30/85 tel. +48 (22) 646-61-51, 646-74-24 www.qbs.com.pl _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users