Mailing List Archive: GnuPG: users

Using single subkey for both signing and encryption?

Index | Next | Previous | View Threaded

gpg.mexon at spamgourmet

Nov 1, 2009, 1:28 PM

Post #1 of 2 (115 views)
Permalink

Using single subkey for both signing and encryption?

Hi, I just have a basic question about subkeys. When I create an RSA
subkey I only have the option to create one for signing or encryption,
not both. Why is that? There's nothing different about the keys
themselves, is there? Is there supposed to be some increased security
to doing it this way?

_______________________________________________
Gnupg-users mailing list
Gnupg-users[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

John at Mozilla-Enigmail

Nov 1, 2009, 3:22 PM

Post #2 of 2 (112 views)
Permalink

Re: Using single subkey for both signing and encryption? [In reply to]

gpg.mexon[at]spamgourmet.com wrote:
> Hi, I just have a basic question about subkeys. When I create an RSA
> subkey I only have the option to create one for signing or encryption,
> not both. Why is that? There's nothing different about the keys
> themselves, is there? Is there supposed to be some increased security
> to doing it this way?

Given that the underlying mathematics is the same for encryption and signing,
only in reverse, if an attacker can convince a key holder to sign an unformatted
encrypted message using the same key then she gets the original.

--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys[at]gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

Attachments:

signature.asc (0.66 KB)

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com