I appear to have lots of keys. Which one should you use? This document attempts to be a quick-ish guide to my various OpenPGP keys, explaining the properties of each of them.
People seem to enjoy signing and encrypting messages. This seems peculiar to me, because OpenPGP’s sign-and-encrypt has rather unhelpful properties. It works by first signing the message (pretty much as it would if you weren’t encrypting), and then encrypting the result. This means that, in fact, it’s not technically very difficult for the recipient to strip off the outer encryption, and then prove to a third party that you signed the inner message. This probably isn’t what you wanted. Alas, there doesn’t seem to be a different way of providing sender authenticity using the OpenPGP framework; maybe everyone should use catcrypt instead.
Anyway, because of this, I don’t routinely sign messages; I don’t encrypt-to-self either. If you want me to authenticate a particular message for some (clearly specified) reason, I’ll probably do it.
pub dsa3072 2010-04-25 [SC]
2514 C740 3C02 C495 32F5 C0DE 92DF F4DF C826 4DA5
uid [ultimate] Mark Wooding (mdw-general-2010) <mdw@distorted.org.uk>
sub elg3072 2010-04-25 [E]
This is my general-purpose key. It’s the key that I sign stuff by default, and it’s the key you should use when sending me anything important. If you have any doubts about which key to use, it’s probably this one.
I don’t have copies of the private key on any machine I don’t solely administrate and trust completely. The private key is protected by a good passphrase. I won’t use it to sign messages I don’t believe to be true, and will be careful about using it to sign other people’s keys.
pub rsa3072 2014-03-24 [SC]
BB6E 300C 403C 8FD2 A27C 244A 9CF6 D89E EAEC A6F5
uid [ultimate] Mark Wooding (mdw-everyday-2014) <mdw@distorted.org.uk>
sub rsa3072 2014-03-24 [E]
This is a low-security everyday key. I encourage you to encrypt everyday correspondence to me using this key. Do not use it for anything particularly important: use the general-purpose key instead. This one is the ‘better than nothing’ key. Its purpose is to annoy people trawling through correspondence in an untargetted manner.
I have copies of the private key on various machines I trust more-or-less. The private key is not protected by a passphrase: it would be too annoying to have to type the thing in all the time. I won’t sign messages or keys using this key. If this makes you nervous about the security of the key, then use the general-purpose one instead.
pub dsa3072 2014-03-24 [SC]
7A21 22A8 5B67 A6A2 0483 36CD 7862 7D02 E359 CA55
uid [ultimate] Mark Wooding (mdw-codesign-2014) <mdw@distorted.org.uk>
I use this key to sign source distributions and Debian changes files. It doesn’t get used for anything else. There is no encryption subkey; this is intentional.
Copies of the private key exist on most machines I use for software development. The private key is not protected by a passphrase, so that the key can be used by scripts without causing massive annoyance. This shouldn’t be cause for alarm, because the source code is lying around on the same machine: any adversary who can sign bad code with the key can also make my code be bad, probably without me noticing.
pub dsa1024 2008-02-27 [SC]
8384 2448 1371 BE1B 22EC B4C5 4551 0A46 4813 34C2
uid [ultimate] Mark Wooding (mdw-codesign-2008) <mdw@distorted.org.uk>
pub dsa1024 2008-12-01 [SC]
57E9 10A7 BE4B 9349 EDB3 A281 31CD 2A1F A96A 23BE
uid [ultimate] Mark Wooding (mdw-everyday-2008) <mdw@distorted.org.uk>
sub elg2048 2008-12-01 [E]
pub dsa1024 2000-04-10 [SCA]
7BC0 ACE5 935E 3DAC F80A E70D 059C 9F1A 7A64 475F
uid [ultimate] Mark Wooding <mdw@distorted.org.uk>
uid [ultimate] Mark Wooding <mdw@nsict.org>
uid [ultimate] Mark Wooding (mdw-nsict-gpg) <mdw@nsict.org>
sub elg2048 2000-04-10 [E]
pub dsa1024 2000-04-10 [SCA]
AE48 BBC0 6494 D860 41E4 43A7 C3B6 1D5B AEE7 5AB6
uid [ultimate] Mark Wooding <mwooding@ncipher.com>
uid [ultimate] Mark Wooding (mdw-ncipher-gpg) <mwooding@ncipher.com>
sub elg1024 2000-04-10 [E]
I have a large bunch of old keys which you shouldn’t use any more. They’re quite old, and I didn’t know as much about cryptography when I made them, so they’re not properly balanced and that sort of thing.
As far as I know, the old keys are still ‘good’ in the sense that nobody appears to have compromised them, and I can still decrypt stuff using them. If the features I’m using in my main keys aren’t supported in your OpenPGP implementation, then it’s certainly not a bad idea to use an older key. Still, you should use newer keys if you can.