User: Password:
Subscribe / Log in / New account



Posted Oct 6, 2011 8:01 UTC (Thu) by liw (subscriber, #6379)
Parent article: On keys, trust, and webs

It may be useful to set up a subkey as well. may be helpful.

(Log in to post comments)


Posted Oct 6, 2011 17:15 UTC (Thu) by dd9jn (subscriber, #4459) [Link]

I second this suggestion. The primary key is only required to sign other keys, create new subkeys and to revoke a subkey or the entire key. It makes me a bit nervous when I notice that my key was signed within minutes after a signing party. Usually that means that the primary key is on some laptop and not too hard to spy out later at the social event. The funny thing is that those folks often use ridiculous long key seizes. Guess what ownertrust I will assign to such keys? Having an offline primary key is more work but after all it pays off if the working key gets compromised.

I use an old unconnected laptop for more than 10 years to keep my primary key reasonable safe.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds