PGP keys: concept question
I've got a question about the concept of PGP.
I thought I understood everything:
A private keypair contains 2 keys, a DSA-key and a ElGamal-Key.
The ElGamal-Key decrypts, the DSA-key encrypts. Nobody else than me should have access to the DSA-key.
But then I read the GnuPG manual section about subkeys that says:
And that means, that with the help of the DSA master key, I can generate a ElGamal Key with limited livetime and not publish the primary ElGamal Key that had been created? Or, in my case, revoking the primary ElGamal Key, because I want to have a limited subkey.
Please tell me how to manage having subkeys.
both keys (dsa and elgamal) have a public and a private part, the private part is never given away.
Only the dsa is never used for encryption, it's used for signatures only while the elgamal key is used for encryption.
The advantage is, that, if you wanna change your encryption key for security reasons, you will keep your signatures (web of trust). You just change the encryption (sub)key.
ah, now I inderstand :)
|All times are GMT -5. The time now is 10:53 PM.|