PGP Encryption

Winfried Tilanus pmmail@rpglink.com
Wed, 15 Mar 2000 13:46:37 +0100


On Wed, 15 Mar 2000 12:09:21, Brian Morrison wrote:

>OK, well let's see. I have both an RSA key (generated with PGP 2.6.3i)
>and a DH key (generated with PGP 5.0i). Both of these are on my
>keyring. Someone I correspond with has both my public keys, we normally
>use our DH keys because of the better security they offer, and the fact
>that the signing and encryption keys are distinct. However, I also use
>a computer for which the latest PGP available is PGP 2.6.3i, so he
>sometimes needs to encrypt using my old RSA key so that I can read my
>mail when using that machine.
>
>I also know someone (who runs the International PGP pages in fact) who
>has several keys, shown as of low and high security, all with the same
>associated address. He can only decrypt the high security key at his
>home, but can decrypt the low security key at his place of work. 

I can give several similair examples, involving both a RSA and a DH
key, involving a low-security key and a high security key, or involving
a third party signed, rotating key linked to one job and a normal key
linked to an other.

Although 95% of my e-mail traffic is unencrypted and unsigned, I
sometimes have e-mail traffic that is very sensitive. I like to stress
that good PGP-support is an important issue for me.


Best wishes,
Winfried

http://web.inter.NL.net/users/Winfried/