> I believe that the key I'm signing this message with is 2048 bits and
> will expire next year. If I've got either of those details wrong, please
> correct my error(s).

No.  There's no expiration date on your certificate, and it's a 4096-bit
RSA keypair.

> What size key do you recommend I create in order to be future proof (for
> the rest of my life -- I'm in my early 50s)?

I personally think it's unlikely 4096-bit RSA keys will be broken in the
next twenty years.  Over that timeframe, RSA-4096 is probably stronger
than elliptical curve cryptography: we might (*might*) have quantum
computers large enough to tackle ECC by 2040, but RSA-4096 would require
a far larger quantum computer.

> I believe that the master key for the subkey I'm currently using will
> also expire next year. How would I go about confirming/refuting that
> assumption?

quorra:~ rjh$ gpg --edit-key "Charlie Derr"

pub  rsa4096/BB8B3D7331A9367F
     created: 2010-12-16  expires: never       usage: SCA
     trust: unknown       validity: unknown
sub  rsa4096/F44E4BC7C1F121DD
     created: 2010-12-16  expires: never       usage: E
[ unknown] (1). Charlie Derr <cd...@simons-rock.edu>

> I currently use gnupg with two different email accounts (this one and a
> gmail address) and I use different mail clients for each: thunderbird
> with enigmail here and claws-mail (and whatever debian gnupg plugin is
> appropriate for claws) with gmail. How can I set things up so that I can
> switch back and forth between two keys (for signing) until this one
> expires in 2018?

I don't use Claws, so I can't answer that; but Thunderbird+Enigmail
allows you to use whichever key you wish -- just set it up according to
the instructions on the Enigmail webpage.  If the instructions there are
unclear or confusing, I'm happy to help you with it further.

Gnupg-users mailing list

Reply via email to