This article details the advanced settings available when creating a PGP keypair.

 

When creating a PGP keypair, you have the option to specify advanced settings for your key. This option is available by clicking the Advanced button on the Name and Email Assignment screen in the PGP Key Generation Assistant.

Key type

• Diffie-Hellman/DSS
• RSA

Generate separate signing subkey
Select this box if you need a separate subkey for signing. A separate Signing Subkey is created along with the new keypair. You can also create additional signing or encryption subkeys any time after the new key has been created.

Key size
Type from 1024 bits to 4096 bits. The larger the key, the more secure it is, but the longer it will take to generate. Some smart cards and tokens limit key size to 1024 bits.

Expiration
Select Never or specify a date on which the keypair you are creating will expire.

Allowed Ciphers
Deselect any cipher you do not want the keypair you are creating to support.

Preferred Cipher
Select the cipher you want to be used in those cases where no algorithm is specified. Only a cipher that is allowed can be selected as preferred.

Allowed Hashes
Deselect any hash you do not want the keypair you are creating to support.

Preferred Hash
Select the hash you want to be used in those cases where no hash is specified. Only a hash that is allowed can be selected as preferred.