[cryptography] key management guidelines

Jon Callas jon at callas.org
Fri Sep 3 14:41:18 EDT 2010

> On gpg, signatures expire if the signing key expires.  So I create a
> large (e.g. 4096-bit) RSA signing-only key, and then create a large
> (4096-bit RSA) subkey for encryption with an expiration time of 1
> year.  That way, my communication is limited to a year under a key,
> but my signatures last.  What do you think of this idea?

That is precisely what you should do. I'll also note that you can renew that signature if you want, or even the top-level one.

> It's too bad there isn't a notion of identity seperate from keys.
> I suppose email address is one, but they shouldn't have used a key
> (which could expire) as a synonym for an identity.  That's like
> using a phone number or name as the primary key for a customer
> entry in a database.

There are many reasons that identity being a key is a good idea. That was one of the great things about SPKI. However, in OpenPGP, you can have just about anything be an identifier and put the signatures where you want. What are you really looking for?


More information about the cryptography mailing list