-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am 13.03.2014 16:42, schrieb [email protected]: > > On Thursday, March 13, 2014 at 8:03 AM, "Martin Behrendt" > <[email protected]> wrote:Hi, > >> I want to achieve the following: 1. A Master signing key 2. A >> subkey signing/enc pair for my normal machine 3. A subkey >> signing/enc pair for e.g. my mobile device > >> What I want to do is to have a different "pair" for my mobile >> device or work computer than on my machine. I want to give those >> pairs a shorter lifetime like 1 year (depending on the paranoia >> level) so I can change them more frequently. > > ===== You can let all your correspondents know that they can > encrypt simultaneously to all 3 of your keys that have the same > e-mail address (assuming that you give them the fingerprints and > long key id' s for the 3 keys, and they aren't going to be fooled > by some attacker making a new key with your name and e-mail > address). >
Thank you, that sounds like a solution worth going for. I'm just not sure, how to e.g. tell thunderbird/enigmail to use multiple keys for one email address when sending (or will it do that by default?). If you have a hint for that would be nice, otherwise I will try to find out myself. My closest thoughts to a solution like this were, go set my reply-to to two email addresses and maybe play around with the subkey identities to achieve the same. Or also two different key pairs. One big key with subkeys would be nicer tho, to hide the "complexity" a little. @Hauke, Daniel Thx for your replies, too. Like I wrote, I am aware that multiple encryption subkeys are not used. Thats why I was asking, if changing that would make sense. Or what the bigger drawbacks are. Also the fact that it is hard to determine which key has which security level is correct and an important issue. But I think this is a problem which can be solved by a proper key management and presentation. Martin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEAREKAAYFAlMh3TgACgkQ/6vdZgk46shm3QCeLD6yYByhhOnDCPCpZPPO/863 9+AAnj2J4NA53YWbO9rn30rEBwh5wR79 =m03k -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
