Mailing List Archive

Hi,

I use the following command to test my new key setup:

$ gpg --batch --passphrase '' --yes --quick-gen 'Firstname Lastname
<test@example.com>' rsa4096 cert 1d&& for u in sign sign encrypt; do gpg
--batch --passphrase '' --yes --quick-add-key $(gpg --with-colons -k
test | awk -F::::::::: 'NR==3{print substr($2,1,length($2)-1)}') rsa4096
$u 1d || exit $?; done

which give the following:

$ gpg -K

-----------------------------
sec rsa4096 2020-01-03 [C] [expires: 2020-01-04]
3C5CFD620005347A62052A6B596CB80D30E8829D
uid [ultimate] Firstname Lastname <test@example.com>
ssb rsa4096 2020-01-03 [S] [expires: 2020-01-04]
ssb rsa4096 2020-01-03 [S] [expires: 2020-01-04]
ssb rsa4096 2020-01-03 [E] [expires: 2020-01-04]


Is there any downside to have my master key with the certify capability
only?


In other words, is it required for the master key to have the sign and
certify capabilities.

--
John Doe

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users