Dongsheng Song <[email protected]> writes: > Hi all, > > When I create new master/sub key, in the following 2 choice, I'm > wondering which is better? > > 1) master key have SCEA capabilities > > sec rsa4096/A19676A1 > created: 2015-08-20 expires: never usage: SCEA > trust: ultimate validity: ultimate > ssb rsa4096/27ADD750 > created: 2015-08-20 expires: never usage: SEA > > 2) master key have only Certify capability > > sec rsa4096/1F8AFCAD > created: 2015-08-20 expires: never usage: C > trust: ultimate validity: ultimate > ssb rsa4096/8E1D2A87 > created: 2015-08-20 expires: never usage: SEA
I would use a SC master key because I would want to use it to certify other's keys, and would also be able to use it to sign statements in case something bad happened to my sub-keys. I would use three separate sub-keys, one each for the three SEA usages. /Simon
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
