| 1 |
On Wed, Feb 20, 2013 at 09:38:38PM +0100, Luis Ressel wrote: |
| 2 |
> On Mon, 18 Feb 2013 23:27:46 +0000 |
| 3 |
> "Robin H. Johnson" <robbat2@g.o> wrote: |
| 4 |
> > 3. Dedicated Gentoo signing subkey |
| 5 |
> What's the point of this, btw? |
| 6 |
Ideally keeping your primary key offline to increase security. |
| 7 |
|
| 8 |
However, the original theory was that if there was some attack that |
| 9 |
required a large amount of ciphertext or a targeted plaintext input, you |
| 10 |
would be limiting the ciphertext to only gentoo-specific content, and |
| 11 |
could trivially rotate the subkey without any impact on your primary |
| 12 |
key. |
| 13 |
|
| 14 |
-- |
| 15 |
Robin Hugh Johnson |
| 16 |
Gentoo Linux: Developer, Trustee & Infrastructure Lead |
| 17 |
E-Mail : robbat2@g.o |
| 18 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
Archives