I have a Master Identity key (which is detached from my daily-use keyring) and both encryption and signing subkeys (all are RSA).
I sign documents with the signing subkey: GnuPG selects this key automatically from my daily-use secret keyring (possibly) because the master key isn't present.
I'm not sure whether I should use the master key or the signing subkey when I want to certify someone else's public key.
It seems to me that I would increase the risk of compromising the master key if I use it for certification every time I obtain, import and verify the public key of a correspondent (although both master and daily-use private keys are only used on a non-networked machine, I feel that I should limit the exposure of the master key).
On the other hand, if I make certifications with the signing subkey and am later forced to revoke that key, those certifications will all need to be repeated with a new signing key (certainly those certifications which were made with --sign-key
as opposed to --lsign-key
).
Is this a trade-off that I must decide for myself or is it clear that I should use one or the other key?