| gabriel rosenkoetter on 1 Oct 2007 20:24:50 -0000 |
|
At 2007-10-01 15:27 -0400, Art Alexion <art.alexion@verizon.net> wrote: > Should I add the new address to the current key or generate a new key? My > preference is to use the same key so that it is always my key. Is there any > reason not to do this but to generate a new key. That will require you to keep a copy of your private key on whatever system you use at work to send email, which system presumably doesn't belong to you (unless it's your business). That doesn't seem like a very safe thing to do, does it? I would (and have done, in the past) generate a separate key. Even if you trust your employer (and, btw, you should inform key-signing partners when you do this; it may sway their judgement of how much trust to assign to your signatures of others' keys), you may want to pre-generate a revocation certificate for that subkey and keep it on hand for the day you leave that employer. (You should, of course, already have a revocation certificate generated, printed, and stored in a safe place for the whole key, in case that's compromised.) -- gabriel rosenkoetter gr@eclipsed.net Attachment:
pgpBWFTA3eAZK.pgp ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|