I have two keys, my original RSA key (now known as an RSA legacy key) and a Diffie-Hellman key.
Type Bits KeyID Created Expires Algorithm Use sec+ 1024 B09CC89D 1996-04-22 ---------- RSA Sign & Encrypt UserID Keith Parkins <10 GU14 6QJ England> key fingerprint 2A 66 6A 8F 91 42 48 C8 48 98 38 AD 2F D3 45 08
Type Bits KeyID Created Expires Algorithm Use sec+ 4096/1024 4645D502 2004-04-18 ---------- DH/DSS Sign & Encrypt UserID Keith Parkins <firstname.lastname@example.org> key fingerprint 7392 49B2 768B D207 82F6 BA25 7009 B189 4645 D502
My keys can be downloaded as individual keys or as a key block from my website, or from a key server, where details of my keys may also be found.
Please do not sign different types of keys with different types, ie a RSA key with a Diffie-Hellman key or vice a versa, as this may cause interoperability problems. Instead, extract key as an ascii key block, then sign file with key.
For example: Many people may have my RSA legacy key, but few my Diffie-Hellman key. How do I ship them my Diffie-Hellman key and they be sure it has come from me? I export my Diffie-Hellman key as an ascii key block, then sign the file as I would any text file.
Never sign a key unless you are absolutely certain of the ID of the owner of the key.
The only truly secure way to obtain a PGP public key is direct in person from its claimed owner or via a trusted emissary.
PGP ~ What is PGP ~ Why use PGP ~ Web of Trust ~ Quick Reference ~ RSA legacy key ~ HushMail
(c) Keith Parkins 2004 -- April 2004 rev 0