Hi, occasionally I notice someone with a public key that has the "SCE" (Sign Certify Encrypt) capabilities set for a single key pair (presumably, they did set these manually during key generation).
I understood that this is not recommended because it may simplify certain attacks (but don't know any sources). Is there a possibility to modify the (main/sub) key capabilities once its generated so they can migrate away from the insecure/less secure setting to, for instance, separate subkeys for Sign and Encrypt? Cheers, ~flapflap
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
