98

I am learning how to use OpenPGP keys in GnuPG, and I am wondering what is the threshold people generally use to maintain separate OpenPGP keys. Maintaining an incredibly large number of keys is not good since it makes it difficult to be trusted by others. On the other hand, my feeling is, maintaining a single key may not be able to keep separate things separate.

How many keys are okay? How many are too much?

Jens Erat

2 Answers

93

In general, one key per identity should be fine.

One key can include:

  • Several UIDs (for separate mail addresses, ...)
  • Several subkeys (for different devices, so you can put some subkey on your mobile; if it gets lost, revoke only this)

Advantages

  • Less hassle when signing keys, interacting with keyservers, cross-signing your keys
  • Less hassle maintaining your keys including moving to other computers, revocation certificates, ...
  • Less hassle when actually using it
  • Less pollution: If somebody wants to use your public key, it's easier to find the correct one as they're grouped in a semantic way. Imagine looking for a person's name and finding a dozen keys for all his different addresses in use, which to use for encryption?

On having multiple keys anyway

If you want to manage multiple IDs which shall not be connected directly (I can imagine a personal one, one at your employer, one for stuff which may not contain your real name - I think of governmental pressure, ...), feel of course free to use multiple primary keys.

Limitations of Subkeys

Others encrypting for you will always choose the newest subkey. There is no way to connect subkeys to specific user IDs (for example, to have different subkeys for work and home). This would be a good reason for using multiple primary keys (also, your employer might be able to require the private key, depending on your local legislation). This is not valid for signing subkeys: each computer will just use the subkey that is available; if you only distribute the specific subkey, you can easily enforce a given subkey.

GnuPG can only merge different sets of private subkeys for a primary key starting from version 2.1. Make sure to have all subkeys on a single machine and export as needed, or upgrade GnuPG. There is a way using gpgsplit and cat, but it is tedious and requires deep knowledge of RFC4880 (the OpenPGP specification).

Creating and Exporting Subkeys

Subkeys are generated by running gpg --edit-key [key-id] for the primary key, and then starting the subkey generation assistant with the addkey command (don't forget to save afterwards). To export a subkey (or set of subkeys), run gpg --export-secret-subkeys [subkey-id]! >subkey.pgp -- do not forget the exclamation mark !, otherwise GnuPG will resolve the subkey to the associated primary key (and export this one instead). You can import it using the normal gpg --import [file] command.

I strongly recommend Debian's document on subkeys for further reading.

Jens Erat
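The exclamation-mark caveat in the answer above fails silently: without the !, the file you copy to a laptop or phone contains the real primary secret key. As an added example (not part of the answer, and not GnuPG's own code), here is a small Python check that walks the packets of an unarmored export and reports whether the primary secret-key packet is only a GNU "dummy" stub (S2K specifier type 101 with the GNU extension and mode 1) or carries real key material. It assumes v4 RSA keys and a binary (not ASCII-armored) file; the sample bytes at the end are constructed to exercise the parser and are not a real key.

```python
def parse_packets(data):
    """Yield (tag, body) for each packet of an unarmored OpenPGP stream (RFC 4880 4.2)."""
    i = 0
    while i < len(data):
        ctb, i = data[i], i + 1
        if ctb & 0x40:                                   # new-format header
            tag, first, i = ctb & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = int.from_bytes(data[i:i + 4], "big"), i + 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                                            # old-format header (gpg writes these for keys)
            tag, n = (ctb >> 2) & 0x0F, 1 << (ctb & 3)
            if n == 8:
                raise ValueError("indeterminate length not supported")
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        yield tag, data[i:i + length]
        i += length

def secret_key_status(body):
    """Classify a v4 RSA secret-key packet body by its S2K usage octet (RFC 4880 5.5.3)."""
    if body[0] != 4 or body[5] not in (1, 2, 3):
        raise ValueError("only v4 RSA keys handled in this example")
    i = 6
    for _ in range(2):                                   # skip the public MPIs n and e
        i += 2 + (int.from_bytes(body[i:i + 2], "big") + 7) // 8
    usage = body[i]
    if usage == 0:
        return "plain"                                   # unencrypted secret MPIs follow
    # usage 254/255: symmetric algo octet, then S2K specifier; type 101 is the GNU
    # extension: hash octet, "GNU", mode octet (1 = gnu-dummy stub, 2 = divert-to-card)
    if usage in (254, 255) and body[i + 2] == 101 and body[i + 4:i + 7] == b"GNU":
        return "gnu-dummy" if body[i + 7] == 1 else "gnu-divert-to-card"
    return "protected"

def audit_subkey_export(data):
    """Status of every secret-key packet; a safe subkey export reads primary == 'gnu-dummy'."""
    report = {"primary": None, "subkeys": []}
    for tag, body in parse_packets(data):
        if tag == 5:                                     # secret (primary) key packet
            report["primary"] = secret_key_status(body)
        elif tag == 7:                                   # secret subkey packet
            report["subkeys"].append(secret_key_status(body))
    return report

# Constructed sample (not a real key): old-format headers, a 16-bit RSA "modulus", e = 65537.
_PUB = b"\x04" + b"\x5e\x0b\xe1\x00" + b"\x01" + b"\x00\x10\xc2\x75" + b"\x00\x11\x01\x00\x01"
_old_pkt = lambda tag, body: bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body
SAMPLE_EXPORT = _old_pkt(5, _PUB + b"\xff\x00\x65\x02GNU\x01") + _old_pkt(7, _PUB + b"\x00\x00\x08\x2b\x00\x2b")
```

Run it over the output of gpg --export-secret-subkeys (without --armor): if the primary entry is "plain" or "protected" rather than "gnu-dummy", the ! was lost and the primary key must not leave the machine.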
15

How many keys are okay? How many are too much?

You only need multiple keys if you want to have multiple disconnected identities. Identities are signed and a key may have multiple identities on it. Thus, you could have one key with all the identities that you wish to lay claim to.

Equally, you can create as many keys as you want to have disconnected identities. It's entirely a personal matter as to how many you feel will be appropriate and personally manageable.

Jeff Ferland