@bascule @matthew_d_green there is no meaningful distinction between "authentication keys" and "signing keys" regardless of context
-
-
Replying to @dvanduzer
@dvanduzer@matthew_d_green even if the signing key is your primary key?2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green the primitives for any asymmetric crypto are "sign/verify" and "encrypt/decrypt"1 reply 0 retweets 1 like -
Replying to @dvanduzer
@dvanduzer@matthew_d_green there are also signing subkeys in addition to auth subkeys! :o2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green reading up a bit, subkeys are *roughly* similar to the function of encryption keys re: forward secrecy1 reply 0 retweets 0 likes -
Replying to @dvanduzer
@dvanduzer@matthew_d_green one primary (signing) key can have multiple enrolled subkeys. It's a "has many" relationship1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green right, the signing key "publishes" an encryption key (by signing it) so you can airgap your identity or something1 reply 0 retweets 0 likes -
Replying to @dvanduzer
@dvanduzer@matthew_d_green but they're long-lived keys, and you can also sign signing subkeys (or auth keys)2 replies 0 retweets 0 likes -
Replying to @dvanduzer
@bascule but my ignorance of PGP implementation details isn't your problem. see: "PGP vs OTR" for a variety of essays on the general topic1 reply 0 retweets 0 likes
@dvanduzer preaching to the choir. I'm a fan of Axolotl ratchets and DC-Nets ;)
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.