Subject: Re: wanted: educate us please on key dongles

On Fri, Aug 11, 2017 at 10:08:16AM -0700, Sean Whitton wrote:
> Thank you for the explanation.
> On Fri, Aug 11 2017, Jonathan McDowell wrote:
> > * If you don't want to buy hardware, use an offline master
> > key. Create
> > a certification only master key using something like PGP Clean Room
> > on a non-networked host [...]
> By default, GnuPG creates a signing+certification master key. Could you
> explain why it's a good idea to override that? I'm not sure what it
> achieves.

I see no reason why the master key should ever be used for signatures in
such a scenario, so it seems sensible to indicate that it is purely for


/-\ | "Could I have an 'E', please,
|@/ Debian GNU/Linux Developer | Bob?" (Blockbusters)
\- |

Attachment: signature.asc
Description: Digital signature


Programming list archiving by: Enterprise Git Hosting