Creating PGP keys
You can create PGP keys with different encryption algorithms and key lengths.
- Go to Identities > Key enrolment > Key enrolment provider.
- Click Add.
- Select PGP key and click Next.
- Enter a unique name.
- Select the PGP key type and key length and click Next.
NOTE: RSA and DSA with ElGamal are available. The configuration that suits you best depends on the communication partners with whom you want to exchange signed and encrypted emails later. Ask them which key algorithms and key lengths are supported by your infrastructure.
- Determine the validity for the key.
TIP: This makes sense, since keys with a longer key length may be necessary due to increasing computing capacity.
- Sign the new keys with an existing key.
TIP: In certain situations, this can simplify the key exchange, as only the higher-level key - for example the company key - then needs to be exchanged. All PGP keys signed with this key are then automatically considered trustworthy.
- Click Finish.
- Now request the required cryptographic keys. See Requesting cryptographic keys.