I am setting up PGP (using GPGTools GPG Suite for OS X) and I use multiple email addresses daily. It appears I have several choices on how to do this, and I am wondering what is most secure/most correct.
To provide an example: I have three email addresses for different uses:
me@private.com - My private email
me@gmail.com - A private email that i hand out to everyone
me@website.com - A mail that is publicly available, but that i filter in my inbox.
As far as I can see, the choices I have are:
1 I can make a new key pair for each of the rest of my email addresses. This would require me to either use the same passphrase, or come up with a new for each address.
2 It appears I can add a userID to my current key pair, and define a different email address. This appears to allow me to share only one public key, and have the same passphrase for all the addresses.
Have I understood this correctly? Are there any best practices, or things to look out for? If I generate a new key pair for all the addresses, should I then have a different passphrase for each?
