> I believe that the key I'm signing this message with is 2048 bits and
> will expire next year. If I've got either of those details wrong, please
> correct my error(s).
No. There's no expiration date on your certificate, and it's a 4096-bit
> What size key do you recommend I create in order to be future proof (for
> the rest of my life -- I'm in my early 50s)?
I personally think it's unlikely 4096-bit RSA keys will be broken in the
next twenty years. Over that timeframe, RSA-4096 is probably stronger
than elliptical curve cryptography: we might (*might*) have quantum
computers large enough to tackle ECC by 2040, but RSA-4096 would require
a far larger quantum computer.
> I believe that the master key for the subkey I'm currently using will
> also expire next year. How would I go about confirming/refuting that
quorra:~ rjh$ gpg --edit-key "Charlie Derr"
created: 2010-12-16 expires: never usage: SCA
trust: unknown validity: unknown
created: 2010-12-16 expires: never usage: E
[ unknown] (1). Charlie Derr <cd...@simons-rock.edu>
> I currently use gnupg with two different email accounts (this one and a
> gmail address) and I use different mail clients for each: thunderbird
> with enigmail here and claws-mail (and whatever debian gnupg plugin is
> appropriate for claws) with gmail. How can I set things up so that I can
> switch back and forth between two keys (for signing) until this one
> expires in 2018?
I don't use Claws, so I can't answer that; but Thunderbird+Enigmail
allows you to use whichever key you wish -- just set it up according to
the instructions on the Enigmail webpage. If the instructions there are
unclear or confusing, I'm happy to help you with it further.
Gnupg-users mailing list